Do you know how many times I thought about adding a back channel to a piece of software I wrote because it's easier than training users? Do you care to guess at how many times I have actually done this?
Lets ask that same question about smaller software companies. You won't find any that survive for long after people find out they have these kinds of security practices.
It's hard to say why this happens so frequently and massively with large companies/corporations. I'm sure it's partly Government pressure, probably pressure from other companies/corporations, and partly an ignorant executive demanding this gets done. I'm sure the latter can claim the first two are the problem. The latter however, should result in termination of the execs responsible. That last part does not happen, which makes me wonder how big the first two really are.