In the wake of Facebook’s massive 2021 outage, a concerning pattern emerged in public commentary: the tendency to trivialize engineering disasters through casual metaphors and resigned acceptance. When Harvard Law professor Jonathan Zittrain likened the incident to “locking keys in a car” and others described it as an “accidental suicide,” they fundamentally mischaracterized the nature of engineering failure… and worse, perpetuated a dangerous notion that such disasters are somehow inevitable or acceptable.

They are not.

Casual Commentary Got it Wrong

When we reduce complex engineering failures to simple metaphors that get it wrong, we do more than just misrepresent the technical reality, we misdirect the shape of how society views engineering responsibility.

“Locking keys in a car” suggests a minor inconvenience, a momentary lapse that could happen to anyone. But Facebook’s outage wasn’t a simple mistake, it was a cascading failure resulting from fundamental architectural flaws and insufficient safeguards. It was reminiscent of the infamous north-east power outages that spurred the modernization of NERC regulations.

This matters because our language shapes our expectations. When we treat engineering disasters as inevitable accidents rather than preventable failures, we lower the bar for engineering standards and accountability, instead of generating regulations that force innovation.

Industrial History Should be Studied

The comparison to the Grover Shoe Factory disaster is particularly apt. In 1905, a boiler explosion killed 58 workers and destroyed the factory in Brockton, Massachusetts. At the time, anyone who viewed industrial accidents as an unavoidable cost of progress had to recognize the cost was far too high. This disaster, along with others, led to fundamental changes in boiler design, safety regulations, and most importantly engineering code of ethics and practices.

We didn’t accept “accidents happen” then, in order for the market to expand and grow, and we shouldn’t accept it now.

Reality Matters Most in Failure Analysis

The Facebook outage wasn’t about “locked keys” since it was about fundamental design choices that could be detected and prevented:

1. Single points of failure
2. Automation without safeguards
3. Lack of fail-safe monitoring and response
4. Cascading failures set to propagate unchecked

These weren’t accidents by Facebook, they were intentional design decisions. Each represents a choice made during development, a priority set during architecture review, a corner cut during implementation.

Good CISOs Plot Engineering Culture Change

Real change requires more than technical fixes. We need a fundamental shift in engineering culture regardless of authority or source trying to maintain an “inevitability” narrative of fast failures.

1. Embrace Systemic Analysis: Look beyond immediate causes to systemic vulnerabilities
2. Learn from Other Industries: Adopt practices from fields like aviation and nuclear power, where failure is truly not an option
3. Build Better Metaphors: Use language that accurately reflects the preventable nature of engineering failures

Scrape burned toast faster?

Build fallen bridges faster?

Such a failure-privilege mindset echoes a disturbing pattern in Silicon Valley where engineering disasters are repackaged as heroic “learning experiences” and quick recoveries are celebrated more than prevention. It’s as though we’re praising a builder for quickly cleaning up after people plunge to their death rather than demanding to know why fundamental structural principles were ignored.

When Facebook’s engineering team wrote that “a command was issued with the intention to assess the availability of global backbone capacity,” they weren’t describing an unexpected accident, they were admitting to conducting a critical infrastructure test without proper safeguards.

In any other engineering discipline, this would be considered professional negligence. The question isn’t how quickly they recovered, but why their systems culture allows harm with such a catastrophic command to execute in the first place.

The “plan-do-check-act” concepts of the 1950s didn’t just come from Demming preaching solutions to one of the most challenging global engineering tests in history (WWII), they represented everything opposite to how Facebook has been operating.

Every major engineering disaster should prompt fundamental changes in how we design, build, and maintain systems. Just as the Grover Shoe Factory disaster led to new engineering discipline standards, modern infrastructure failures should drive us to rebuild with better principles.

Large platforms should design for graceful degradation, implement multiple layers of safety, create robust failure detection systems, and build infrastructure that fails safely. And none of this should surprise anyone.

When we casually dismiss engineering failures as inevitable accidents, we do more than mischaracterize the problem, we actively harm the engineering profession’s ability to learn and improve. These dismissals become the foundation for dangerous policy discussions about “innovation without restraint” and “acceptable losses in pursuit of progress.”

But there is nothing acceptable about preventable harm.

Just as we don’t allow bridge builders to operate without civil engineering credentials, or chemical plants to run without safety protocols, we cannot continue to allow critical digital infrastructure to operate without professional engineering standards. The stakes are too high and the potential for cascade effects too great.

The next time you hear someone compare a major infrastructure failure to “locked keys” or an “accident,” push back. Ask why a platform handling billions of people’s communications isn’t required to meet the same rigorous engineering standards we demand of elevators, airplanes, and power plants.

The price of progress isn’t occasional disaster – it’s the implementation of professional standards that make disasters preventable. And in 2025, for platforms operating at global scale, this isn’t just an aspiration. It must be a requirement for the license to operate.