Recommender systems are ubiquitous on the web. They are used to recommend movies to watch, songs to listen to, products to buy, and so on. The main goal of a recommender system is to personalize a user's experience based on their interests, as conveyed through historical feedback information. Existing recommender systems are centralized in nature: they require a server to collect detailed item feedback information across the entire user population. This status quo presents serious privacy concerns, since the central recommendation server has access to fine-grained preference information about each individual user. This feedback information can be used to infer sensitive information about the user, such as their medical condition or their religious or political affiliation. Moreover, the small fraction of users who are aware of such privacy risks tend to share less feedback, which in turn reduces the quality of their recommendations.
Since privacy is being recognized as a fundamental human right, it is imperative that personalization systems provide recommendations in a privacy-preserving manner. In this thesis, we present three privacy-preserving recommender system paradigms in which the amount of information sent to the central recommender system is gradually reduced.
Paradigm I provides privacy-preserving session-based item recommendations, where the central server simulates incognito behavior by treating each user as anonymous. The framework relies on item sequence information across sessions to recommend the next item for a user. Paradigm II enables the user to decide which ratings they would like to keep private (stored locally on-device) and which to make public (shared with the central recommendation server). Public ratings from all users are used to build a global model, which is then fine-tuned on each user's device based on their private ratings. Paradigm III enables each user to store their entire feedback information on-device and employs a federated learning mechanism to perform private learning for recommendation. Differential privacy is used to quantify the privacy budget for an individual user. Each of the three paradigms is scalable to the industrial setting and, more importantly, empowers each user to determine their individual privacy policy for their recommendations.