Paris: all attackers known in advance. Warnings provided to French government. Not using encrypted communications.
Boston: Specific warnings provided to US authorities. Probably not using encrypted communications (the NSA and others would have made this claim, so by default, we can assume the opposite)
9/11. Most, if not all attackers already known to FBI/CIA. Again, we can assume that no encrypted communications were involved.
In other words, the bulk surveillance has no value in preventing terrorist attacks. If so, what is it for? Blackmailing politicians? Blackmailing the wealthy and powerful?
The NSA/FBI/CIA: price for failure: more resources. More power. More everything. One could almost imagine that there is a strong incentive in letting a small number of terror attacks take place.