I work on in-vehicle systems and the servers that talk to them. There are plenty of existing, deployed services that combine external information with the location of your vehicle (e.g. concierge, route planning with points of interest, vehicle locator, charge station finder for EVs, geo-fencing, insurance scoring, and many more). For all of these, your location data must be sent to a server. And any in-vehicle system that provides at least some services that need vehicle location, will make a habit of sending the vehicle location along whether the owner is using those services or not, provided some kind of account activation has occured. Generally, the automotive manufacturers consider vehicle location data great for providing attractive services to their customers.
I've noticed restraint from auto OEMs on taking the data and using it for things other than the services offered to the users. And unlike webbish companies like Facebook, Google, or Twitter, the auto OEMs are focused on selling vehicles, not data. But that can all change if you fall asleep.
The networked collision detection stuff is interesting, but doesn't change the nature of the problem. The data is already being collected for boring old services from three years back.
The article (not the original paper) is averaging together all of the people that said "Naw, I wouldn't pay anything extra" along with all the people that said one, two, or five dollars, etc. So of course it's going to be some sad little number, leading to a headline that sounds like people are selling their souls.
A more useful question, "of those willing to pay for privacy, how much would they pay?" Read the original paper (not the cheap little article) and you see things like "A non-negligible proportion of the experiment’s participants (13–83%), however, chose to pay a ‘premium’ for privacy. " The paper is actually supporting the idea that some people are willing to pay enough that it would fit into the business model of different content providers.
I also think that a bunch of us hate the idea of paying for privacy, not because we don't value it very much, but because it is offensive to think we would need to pay for it. So again the article headline gives a false notion of everyone selling out for 65 cents, when the stats are unlikely distinguishing between apathetics and holy rollers that would both decline to pay for privacy.
(Just kidding.)
You know that sounds like a solid idea, but I scratch my head at the specific implementation of it. If you say that internet connections for ads are a separate permission, then would Google maintain a white list of ad providers? And then for ad providers, there'd need to be some policing to check that info going to the ad servers doesn't contain personal info.
Maybe the way to handle it is to have a separate Android OS advertising API that manages the request sent to an ad provider, disallowing any possibility of sending app-specified info to the server. And then any ad provider that follows the protocol can be accessed via the advertising API with no risk of sending private info like what HTC is exposing.
"Ninety percent of baseball is half mental." -- Yogi Berra