Hacker News

Well if the NSA were to reveal what flags they look at when making a determination that data is definitely from an American, then it is that much easier for people to evade surveillance by passing their communications as those of an American.

Security by obscurity is a ridiculous idea in that context. Those "evil terrorists" could just switch to 3rd grader "spy" codes and hide the info on postcards sent from metro areas around the world. This whole idea that "the enemy" are complete brainless goons that are "winning" because they found out that the NSA scans the web for keywords like "bomb" and "new york" is just a cruel joke.



Except that AQ and other groups are already adjusting what they do in light of Snowden's leaks. Check the news.

No one (least of all at NSA) thinks AQ are brainless goons. That would, in fact, be why NSA wouldn't want to divulge detailed-enough "This is American data" guidance, as they assume that AQ and others would be able to play off that guidance to alter their own COMSEC procedures.

In fact forcing AQ to switch to using postcards would be beneficial in some regards from the NSA POV as it would slow their communications cycle. If you've never been in an environment where command-and-control are important, let's just say that effective communications are the backbone of operations. Many less-than-perfect debriefs I've been involved in had a major lesson learned "Poor Communications".

There's a maxim that most plans don't survive first contact with the enemy. From AQ's perspective that makes communications important so they can determine the problem, adapt and improvise a solution, and communicate that solution to all affected stakeholders.

Likewise even AQ engages in administrivia like expense reports, promoting leaders, org. alignments, etc. Those all need communications.

So when a break in AQ comms may rely on them screwing up a single time, it becomes even more important not to give away the "Do's and Don't's of NSA SIGINT". Even forcing them to always use GPG might be beneficial, with things like Geo-IP and metadata analysis.


But isn't it painfully simple to beat the system no matter how sophisticated the counter system is set up? We are always pretending like it is some super sophisticated process to plan an attack, but in fact it is painfully simple. If Mr Terrorist buys up some black powder or an automatic gun, ideally shaves his beard and dresses in a suit, he can pretty much get away with anything in a major city before getting flagged. Sure that would be just some lone wolf, but you can map out a sophisticated plan if you have guys willing to do this just over a napkin. I am much more surprised over how little "terror" we have than over how much. Plus the administrative stuff might be just made up. Most likely started from something like the "official" Taliban bureau in Qatar and got spun into "terrorists are a bunch of bureaucrats".


'Lone wolf' stuff is easy to pull off, yes.

NSA is not worried about lone wolves though. If anyone is it would probably be FBI or local law enforcement.


How do we know AQ and the other groups are 'adjusting'? What real evidence is there of this? If we know they are adjusting, then we know enough already.


Wouldn't the statements by the Chairman Mike and the others that they have changed their habits confirm to them that those changes were affected?

If the goal here is to protect "sources and methods" why are members of the Congress disclosing details that expose those "sources and methods"?



