Predictive Anonymization: Utility-Preserving Publishing of Sparse Recommendation Data

Recently, recommender systems have been introduced to predict user preferences for products or services. In order to seek better prediction techniques, data owners of recommender systems such as Netflix sometimes make their customers’ reviews available to the public, which raises serious privacy concerns. With only a small amount of knowledge about individuals and their ratings to some items in a recommender system, an adversary may easily identify the users and breach their privacy. Unfortunately, most of the existing privacy models (e.g., k-anonymity) cannot be directly applied to recommender systems. In this paper, we study the problem of privacy-preserving publishing of recommendation datasets. We represent recommendation data as a bipartite graph, and define several attacks on the graph that can re-identify users and determine their rated items and ratings. To deal with these attacks, we give formal privacy definitions in recommender systems. We develop a robust and efficient anonymization algorithm, Predictive Anonymization, to achieve the privacy goals. Our experimental results show that Predictive Anonymization can prevent the attacks with very little impact to prediction accuracy.