Most of the men who carried out the Paris attacks were already on the radar of intelligence officials in France and Belgium, where several of the attackers lived only hundreds of yards from the main police station, in a neighborhood known as a haven for extremists. As one French counterterrorism expert and former defense official said, this shows that “our intelligence is actually pretty good, but our ability to act on it is limited by the sheer numbers.” In other words, the problem in this case was not a lack of data, but a failure to act on information authorities already had.
In fact, indiscriminate bulk data sweeps have not been useful. In the more than two years since the N.S.A.’s data collection programs became known to the public, the intelligence community has failed to show that the phone program has thwarted a terrorist attack. Yet for years intelligence officials and members of Congress repeatedly misled the public by claiming that it was effective. […]
Mr. Comey, for example, has said technology companies like Apple and Google should make it possible for law enforcement to decode encrypted messages the companies’ customers send and receive. But requiring that companies build such back doors into their devices and software could make those systems much more vulnerable to hacking by criminals and spies. Technology experts say that government could just as easily establish links between suspects, without the use of back doors, by examining who they call or message, how often and for how long. […]