Privacy-Enhancing Technologies in Personalized Recommender Engines
DOI:
https://doi.org/10.63282/3050-9246.IJETCSIT-V5I2P108Keywords:
Privacy-Enhancing Technologies (PETs), Recommender Systems, Federated Learning, Differential Privacy, Homomorphic Encryption, Secure Computation, GDPR, CCPA, Data Security, PersonalizationAbstract
Recommender systems have become necessary in all e-businesses, social networks, streaming services, and other digital environments. These systems use user interaction data, including browsing history, purchasing behaviors and content preferences, to provide recommended results, thereby improving users’ experience. However, collecting, storing, and processing sensitive personal data are associated with certain privacy impacts. Data breaches, engagement of cybercriminals, and growing concern for protecting personal data rights have brought forth important issues like profiling without consent & misuse, violation of rights, and non-adherence to regulative policies. To rectify these problems, Privacy-Enhancing Technologies or PETs have been considered important to avoid compromising privacy in personalization. This paper investigates the applicability of some of the leading PETs, like differential privacy, federated learning, homomorphic encryption, and SMC, in the structure and functionality of personalized recommender engines in an organized manner. It is mainly a design approach that incorporates privacy into the steps in the recommendation process without raw data aggregation. Thus, in our experiments on benchmark datasets, PETs take only about 2-5% in recommendation performance but significantly reduce privacy loss and improve the user’s sense of privacy protection. Furthermore, such technologies enable adapting data security and protection standards, including GDPR and CCPA, to reach ethical and sustainable large-scale personalization
Downloads
References
[1] Ghosh, A., Roughgarden, T., & Sundararajan, M. (2009, May). Universally utility-maximizing privacy mechanisms. In Proceedings of the forty-first annual ACM symposium on Theory of computing (pp. 351-360).
[2] Himeur, Y., Sohail, S. S., Bensaali, F., Amira, A., & Alazab, M. (2022). Latest trends of security and privacy in recommender systems: a comprehensive review and future perspectives. Computers & Security, 118, 102746.
[3] Shi, E., Chan, H. T. H., Rieffel, E., Chow, R., & Song, D. (2011). Privacy-preserving aggregation of time-series data. In Annual Network & Distributed System Security Symposium (NDSS). Internet Society.
[4] McMahan, B., Moore, E., Ramage, D., Hampson, S., & y Arcas, B. A. (2017, April). Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics (pp. 1273-1282). PMLR.
[5] Dwork, C. (2008, April). Differential privacy: A survey of results. In International conference on theory and applications of models of computation (pp. 1-19). Berlin, Heidelberg: Springer Berlin Heidelberg.
[6] Aono, Y., Hayashi, T., Wang, L., & Moriai, S. (2017). Privacy-preserving deep learning via additively homomorphic encryption. IEEE transactions on information forensics and security, 13(5), 1333-1345.
[7] Bonawitz, K., Ivanov, V., Kreuter, B., Marcedone, A., McMahan, H. B., Patel, S., ... & Seth, K. (2017, October). Practical secure aggregation for privacy-preserving machine learning. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 1175-1191).
[8] What are privacy-enhancing technologies (PETs)? decentriq, online. https://www.decentriq.com/article/what-are-privacy-enhancing-technologies
[9] Shokri, R., & Shmatikov, V. (2015, October). Privacy-preserving deep learning. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1310-1321).
[10] Abadi, M., Chu, A., Goodfellow, I., McMahan, H. B., Mironov, I., Talwar, K., & Zhang, L. (2016, October). Deep learning with differential privacy. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security (pp. 308-318).
[11] Duchi, J. C., Jordan, M. I., & Wainwright, M. J. (2014). Privacy-aware learning. Journal of the ACM (JACM), 61(6), 1-57.
[12] Shokri, R., Stronati, M., Song, C., & Shmatikov, V. (2017, May). Membership inference attacks against machine learning models. In 2017 IEEE Symposium on Security and Privacy (SP) (pp. 3-18). IEEE.
[13] Papernot, N., Abadi, M., Erlingsson, U., Goodfellow, I., & Talwar, K. (2016). Semi-supervised knowledge transfer for deep learning from private training data. arXiv preprint arXiv:1610.05755.
[14] Dwork, C., & Roth, A. (2014). The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science, 9(3–4), 211-407.
[15] Fan, L., & Xiong, L. (2013). An adaptive approach to real-time aggregate monitoring with differential privacy. IEEE Transactions on knowledge and data engineering, 26(9), 2094-2106.
[16] Lye, G. X., Cheng, W. K., Tan, T. B., Hung, C. W., & Chen, Y. L. (2020). Creating personalized recommendations in a smart community by performing user trajectory analysis through social Internet of Things deployment. Sensors, 20(7), 2098.
[17] Vaidya, J., & Clifton, C. (2003, August). Privacy-preserving k-means clustering over vertically partitioned data. In Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining (pp. 206-215).
[18] Yao, A. C. (1982, November). Protocols for secure computations. In 23rd annual symposium on foundations of computer science (sfcs 1982) (pp. 160-164). IEEE.
[19] Fredrikson, M., Jha, S., & Ristenpart, T. (2015, October). Model inversion attacks that exploit confidence information and basic countermeasures in Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1322-1333).
[20] Nissim, K., Raskhodnikova, S., & Smith, A. (2007, June). Smooth sensitivity and sampling in private data analysis. In Proceedings of the thirty-ninth annual ACM symposium on Theory of computing (pp. 75-84).
