Update: A Google spokesperson pinged up with an official response to the study, and you can peek it after the break.
Update 2: Looks as if the full study (PDF) has been outed, with the 30 total apps named. Here they are: The Weather Channel, Cestos, Solitaire, Movies, Babble, Manga Browser, Bump, Wertago, Antivirus, ABC - Animals, Traffic Jam, Hearts, Blackjack, Horoscope, 3001 Wisdom Quotes Lite, Yellow Pages, Dastelefonbuch, Astrid, BBC News Live Stream, Ringtones, Layer, Knocking, Barcode Scanner, Coupons, Trapster, Spongebob Slide, ProBasketBall, MySpace, ixMAT, and Evernote. Thanks, Jordan!
Update 4: And here comes The Weather Channel's comment: "Regarding our Android app – Our customers and their privacy are very important to us. In our Android application, TWC does not share any of your personally identifiable information with advertisers or third parties. TWC does track location – which users consent to at install – for the purpose of providing you the most relevant and accurate weather conditions based on your location."
Update 5: And there's more, this time from Barcode Scanner: "Barcode Scanner has never collected or sent personal information. There is no "third party" server to receive such info any way. Barcode Scanner has never requested location information, or phone or user ID ("phone state" permission in the TaintDroid paper). It didn't help that the paper originally reported that the app had these permissions -- it has been fixed since. The app can't send information it can't collect in the first place. The application has always been open source; anyone can inspect exactly what it does (http://code.google.com/p/zxing). We have a complete statement on app permissions (http://code.google.com/p/zxing/wiki/FrequentlyAskedQuestions). Finally, the authors of the paper have in fact confirmed Barcode Scanner was not one of the "guilty" apps: http://appanalysis.org/letter_oct-01-10.html"
Update 6: The hits just keep on coming. Today, the developers of Astrid have both addressed privacy concerns and added a detailed EULA to the newest build. They've also added the ability for users to opt-out of analytics through the settings menu