I don't know what cars they checked this with, but my car has to be "trained" to listen to a tire sensor. Every time I rotate the tires, we have to go through a jiration process of moving the car key, gas peddle, and stereo buttons to put it in learn mode, then after a few miles it IDs the 5 sensors (4 tires and spare) that have managed to stay with the vehicle eliminating other tire IDs from other cars, and the determines which tire is on which hub so the controls can tell me the front right tire is low.
If they had the ID and could send a powerful enough broadcast to overpower the one from the tire, and stick with my car long enough to trigger it to tell me I had a flat then a) i'd know I don;t (i've had many flats, its pretty friggin obvious, and I'd know to ignore the sensor.) Even if I fell for it and pulled over, i'd quickly ID it is faulty readings, which turns out to be harmless other than wasting my time, they're not hacking the engine...(that's been proven not possible). If I did figure I'd been spoofed, it would have to be a car that had been with me for a few miles thus far, and might even be easy to ID based on looking at other drivers, and I'd call 911 and have them arrested.
Any "hack" that puts you in close proximity to a mark, for an extended period of time, and takes $1500 worth of hardwarer to pull of (without any financial gain or benefit mind you) and which could be seen by the law as potentially harmful or dangerous (or property damaging), is simply not going to be pulled off in any reality setting other than as a proof of concept.... The most this will do is lead to manufacturers changing the TPMS system slightly to prevent such tampering.
Also, as for the "privacy" concerns... a) its illegal for them to collect that data. b) its a FUCKTON of data to keep and would require tens or hundreds of millions in servers and software just to real-time process the signals (let alone thousands of networked sensors), and then on top store and process that data to build patters on people, and c) if they want you, all they need is a warrant and a magnetic GPS device, or a cell trace, so such a monitoring system is completely unnecessary.