There was no need to use the yellow tracking dots to track Reality Winner... the NSA would certainly have the ability to audit anything printed in their facility and know exactly what was printed on any given day.
This is correct. People are making the mental leap because they know this technique exists and they want it to be something cool.
The reality is even in corporate environments print servers for sensitive areas will retain audit logs and/or copies of documents sent to the print spool. Even if that completely fails, you can do a forensic recovery on the hard drive inside the printer where all documents are buffered.
The tracking dots certainly made things much faster for the NSA: they could immediately locate the printer and the date, without the need to audit the huge number of printers and employees they have. You say "on any given day" but they wouldn't know the day, only a rather large possible range of days.
I doubt that more than a dozen people printed that document. It was a TS/SCI doc IIRC, so all of those printers are in SCIFs with rigorous access control, so it's not like someone grabbed it off the printer -- you have to release the job from the printer console anyway.
How exactly would auditing all prints even work, assuming they were even logged? Wouldn't the auditor need to have security clearances to see what pretty much everyone in the NSA is working on, which goes against need-to-know principles? Or I guess an auditor needs to know these things to do their job...
> Maybe she thought physical paper would be safer from digital surveillance than an email. So she printed the documents at her office [my emphasis] and then mailed them
You can't just plug in a USB key a copy it off. If she'd been randomly searched when leaving, then accidentally removing a printout (with a bunch of other doc's) would earn a breach and possibly loss of access, but it isn't as incriminating as a USB or camera.
The reality is even in corporate environments print servers for sensitive areas will retain audit logs and/or copies of documents sent to the print spool. Even if that completely fails, you can do a forensic recovery on the hard drive inside the printer where all documents are buffered.