On November 1, 1986, the Sandoz warehouse at Schweizerhalle near Basel catches fire. Extinguishing waters loaded with organochlorine pesticides reach the Rhine. Over several hundred kilometers, the European eel population is decimated. The catastrophe produces in eighteen months what twenty years of negotiations had not obtained: the Rhine Action Programme of 1987, with binding surveillance protocols for the five riparian states.
The standard does not precede disaster. It follows with remarkable precision.
The industrial regulatory corpus bears the dates of its origins. The SEVESO I directive (1982) follows the Seveso accident in 1976, a thermal runaway that releases a TCDD dioxin cloud over several Lombard municipalities. SEVESO II (1996) integrates the lessons of Bhopal and Schweizerhalle. SEVESO III (2012) follows the explosion of the AZF plant in Toulouse in 2001. Each revision encodes in its structure exactly the type of failure that made it necessary. The form of the standard is the form of the accident.
This mechanism reveals a function the standard does not officially assume. It commemorates as much as it prescribes. Each text tells citizens: we have learned. But what we have learned is the exact form of past disaster. Legislative commemoration produces an illusion of coverage, and this illusion is precisely what blinds us to what has not yet occurred.
On March 23, 2005, the explosion of BP's Texas City refinery kills 15 workers and injures 180. The Chemical Safety Board investigation reveals that Process Safety Management regulation covered continuous processes but had been insufficiently applied to startup procedures after shutdown. The standard existed. So did its blind spot. The CSB report produces 26 recommendations that redraw the cartography of what regulation must cover.
The Precautionary Principle attempts to break this cycle. Regulatory frameworks for artificial intelligence, nanotechnologies, biotechnologies have been constructed before major accidents arrive. The question is whether they produce real constraints or nominal constraints, whether the threat of scandal remains the condition for their serious application. The history of GDPR suggests that even prospective regulations await their Cambridge Analytica to be fully activated.
The paradox is not that the system learns from its errors. It is that this mode of learning is the only one operating at sufficient scale to modify entire industries. And that for certain classes of risks—electrical grid collapse, synthetic pathogen release, digital systemic cascade—there may be no tomorrow from which to legislate.
Doctrine
The standard commemorates.
It encodes in regulation the exact form of the disaster that made it necessary. What industry calls regulatory progress is a stratigraphy of accidents. Each layer tells what gave way, on what date, through what mechanism.
Vecteur ouvert
A prescriptive standard says: do this, monitor that. It presupposes that risk is known and that its form is stable. A resilience standard would say something else: be capable of reacting to any shock, including those whose form does not yet exist. The distinction is not technical, it is political. A resilience standard commemorates nothing. It has no founding victim to honor. Who will agree to pay its price before bodies justify the expense?
