One question which was raised was who has permission to add/remove tags on each site.
Facebook allows anyone to tag people they know in any photo they have permission to view. If we followed this it may cause problems for site owners who wish to tag their own websites and these tags are then removed by vandals, or other tags are added which are inaccurate or offensive. This leads us to the conclusion that different images must have different settings for who is allowed to edit the tags.
The next question is who gets to set the privacy settings and how they do it, with the first idea being that a site owner can inject some javascript into their site to set permissions, for example:
taggr.init({
"default_permission": taggr.OWNER_ONLY, // Can only be tagged by the site owner
"/images/1.jpg": taggr.REMOVE_OWN, // Can only remove their own tags
"/images/2.jpg": taggr.NONE, // Can not be tagged
"/images/3.jpg": [12324244, 1324324342324] // Can be tagged by specific facebook users
// etc...
});
The problem this raises is what happens if an image is hotlinked, in which case the hotlinking site could set looser restrictions than the original site and then allow users to tag things which the original site would not want. These tags would then appear on the original site.
The solution to this is to allow site owners to authenticate with Taggr (the method of authentication can be discussed in the future) and set overall restrictions centrally which can then be made more restrictive on a site-by-site basis using the javascript as previously mentioned.
This solution would also allow a site owner to opt-out of tagging, and disable tagging for users with the plugin on their site.
Pingback: Privacy settings | Tag4Fun