Right. If there were a diagram of this architecture, the NSA would scribble "SSL added and removed here" with a smiley face[1]. It's arguably even worse, since the traffic between CloudFlare and the origin server would be traveling in the clear on the public Internet, as opposed to in the clear within Google's private network.
There is also the practical concern for NSA that cloudflare is a well resourced, highly motivated company who has publicly committed to protecting customer data. It would be a lot easier to push around a small company or non profit, especially a company which didn't have the resources or freedom to defend itself. It would certainly be possible to try to get a company like CloudFlare, Twitter, etc to bend to the NSA's will , but they know they are basically guaranteed a fight. Much safer to go to a smaller hosting provider or the end user organization or personnel themselves.
It's reasonable to suppose that the NSA have a whole bunch of private signing keys for a whole bunch of CAs, and will just MITM anyone they please regardless of our puny efforts.
I'm not sure that's a safe assumption and, regardless, an active MITM attack is a much bigger deal than passively collecting traffic as it flows past you in the clear.
