Experimental Demonstration of a Hybrid Privacy-Preserving Recommender System

Recommender systems enable merchants to assist customers in finding products that best satisfy their needs. Unfortunately, current recommender systems suffer from various privacy-protection vulnerabilities. We report on the first experimental realization of a theoretical framework called ALAMBIC, which we had previously put forth to protect the privacy of customers and the commercial interests of merchants. Our system is a hybrid recommender that combines content-based, demographic and collaborative filtering techniques. The originality of our approach is to split customer data between the merchant and a semi-trusted third party, so that neither can derive sensitive information from their share alone. Therefore, the system can only be subverted by a coalition between these two parties. Experimental results confirm that the performance and user-friendliness of the application need not suffer from the adoption of such privacy-protection solutions. Furthermore, user testing of our prototype shows that users react positively to the proposed privacy model.
