So would this XKeyscore thing know what you're searching for if you're not logged into your Google account and you're behind SSL? Would that imply they have private keys to Google SSL certificates?
Yes, they probably can. One of the early NSA leaks showed that the NSA had compromised the private networks of many large tech companies. It would be safe to assume this gave them access to tons of unencrypted data about users and behavior. The NSA is using a graph database to store all sorts of data and then joining data across domains to get a fairly complete picture of your digital life.
