What if you were able to take pictures of people but then the Recognizer steps in?
The Recognizer is a system of mutual privacy which does 'give to get' permission negotiations and allows people to establish and maintain circles of association. Everybody runs the Recognizer on their mobile device. Whenever you take a picture of someone's face, your Recognizer will ping neighboring mobile devices with a copy of the metadata of facial recognition. Whomever receives this signal will validate that it is the right ID and then process the exchange.
The effect is that I take your picture (or start some Recognizer session) and you send me your preferred avatar picture instead, or if you allow, the actual picture. Address, phone number and the rest can be included on a default 'give to get' basis.