The Snowden revelations prompted important reforms. Still, the debate over the proper balance between privacy and security remains far from settled. Disappointingly, the two candidates vying to replace Mr. Obama have failed to outline clear and comprehensive visions for one of the most consequential sets of choices the next president will face.

Image Credit... Victor Kerlow

One big issue is what to do when a key provision of the law that gives the N.S.A. the authority to collect the electronic communications of foreigners — which inevitably sucks in their correspondence with Americans — expires at the end of 2017. Before reauthorizing that part of the law, Section 702 of the Foreign Intelligence Surveillance Act, the next president and Congress should craft a more narrow authority that ensures that the data of Americans cannot be searched without a warrant.

How best to respond to encryption technology, which is evolving rapidly, will be another major challenge. Earlier this year, the White House supported the Justice Department’s heavy-handed order to compel Apple to disable a security feature that would have allowed the government access to a locked iPhone that belonged to a mass shooter. That request, withdrawn before the legal fight was settled, would have forced the company to develop a capability that it argued would have undermined the privacy of its customers. The next president should refrain from forcing technology companies to build encryption systems that can be breached, which would make everyone’s private information more vulnerable to hackers.

The next president should be more forthcoming in disclosing the legal rationale and effectiveness of the government’s surveillance programs. “Just trust us,” its default response to reasonable requests for more information, simply isn’t enough. The latest instance involved reports earlier this week that Yahoo was compelled last year to screen all messages for a specific type of correspondence the government was interested in spotting, as part of surveillance of a state-sponsored terrorist organization. Left unsaid was whether it worked and whether other email providers have been issued similar secret orders.