Its an issue. But if all the code is open and audited, there should be a way to ensure only aggregates are used, and the reports are anonymous. There would also be a related issue of bot accounts who would try to sabotage the statistics for fun, but should also be reasonably solvable.
I still wouldn't provide that data for two reasons. Firstly, all the assurances in the world aren't going to convince me that there's no risk in transmitting my location to a random computer in the cloud. I'm not going to personally comb through an open source project to make sure my data is not being abused. I would have to ' trust' strangers that it is not. And if I'm trusting strangers with my location data well then we're back to square one.
Secondly, and this is really a different issue and perhaps not that widespread, I don't like turning on location on my devices simply because it reduces battery life. It's not a privacy issue but it's another roadblock (pun not intended) to gathering navigation data
