Looks like we need an approach that blocks resharing... Makes sense.
Discussion
Can't you always just screenshot?
A screenshot means another URL and no original metadata. That is way better for privacy than resharing the original image. The only catch is, as Vitor has previously stated, we have to make clear in UI that there is no way to ensure the privacy of the image you are sharing, so people were not fooled by a false illusion of privacy.
Whether it be deletions, blocks, or encryption people should be informed that once information is out, there is no guarantee. Mechanisms to stop duplication can give a false sense of security for the uninformed… if they’re not informed.
I do like the idea of the sender being able to tag something that is “intended to be confidential”. And I’d likely choose a client that enforced this automatically.
Deletion requests are great too, but should be labeled in some way as “requests”. No guarantee.
If it’s decentralized we must expect a market to arise for surveillance and marketing. I’m not saying we shouldn’t have tools to thwart this, but we should lead with education & personal responsibility.
Img needs to be encrypted in the img provider server. Only user and reciver have a key to unlocked. When img is unlocked it is store in device secure memory. From there...user can do whatever he like. The point is that img pixels in the server are encrypted... Not the link (string).
You should be able to choose both