EpicRec

Abstract

Recommender systems typically require users' history data to provide a list of recommendations and such recommendations usually reside on the cloud/server. However, the release of such private data to the cloud has been shown to put users at risk. It is highly desirable to provide users high-quality personalized services while respecting their privacy. In this paper, we develop the first Enhanced Privacy-built-In Client for Personalized Recommendation (EpicRec) system that performs the data perturbation on the client side to protect users' privacy. Our system needs no assumption of trusted server and no change on the recommendation algorithms on the server side; and needs minimum user interaction in their preferred manner, which makes our solution fit very well into real world practical use. The design of EpicRec system incorporates three main modules: (1) usable privacy control interface that enables two user preferred privacy controls, overall and category-based controls, in the way they understand; (2) user privacy level quantification that automatically quantifies user privacy concern level from these user understandable inputs; (3) lightweight data perturbation algorithm that perturbs user private data with provable guarantees on both differential privacy and data utility. Using large-scale real world datasets, we show that, for both overall and category-based privacy controls, EpicRec performs best with respect to both perturbation quality and personalized recommendation, with negligible computational overhead. Therefore, EpicRec enables two contradictory goals, privacy preservation and recommendation accuracy. We also implement a proof-of-concept EpicRec system to demonstrate a privacy-preserving personal computer for movie recommendation with web-based privacy controls. We believe EpicRec is an important step towards designing a practical system that enables companies to monetize on user data using high quality personalized services with strong provable privacy protection to gain user acceptance and adoption of their services.