Recommender systems are commonly trained on centrally collected user interaction data like views or clicks. This practice however raises serious privacy concerns regarding the recommender's collection and handling of potentially sensitive data. Several privacy-aware recommender systems have been proposed in recent literature, but comparatively little attention has been given to systems at the intersection of implicit feedback and privacy. To address this shortcoming, we propose a practical federated recommender system for implicit data under user-level local differential privacy (LDP). The privacy-utility trade-off is controlled by parameters $\epsilon$ and $k$, regulating the per-update privacy budget and the number of $\epsilon$-LDP gradient updates sent by each user respectively. To further protect the user's privacy, we introduce a proxy network to reduce the fingerprinting surface by anonymizing and shuffling the reports before forwarding them to the recommender. We empirically demonstrate the effectiveness of our framework on the MovieLens dataset, achieving up to Hit Ratio with K=10 (HR@10) 0.68 on 50k users with 5k items. Even on the full dataset, we show that it is possible to achieve reasonable utility with HR@10>0.5 without compromising user privacy.
翻译:在中央收集的用户互动数据(如观点或点击)方面,建议系统通常都经过集中收集的用户互动数据(如观点或点击)培训。但是,这种做法引起了对建议者收集和处理潜在敏感数据的隐私问题的严重关切。最近文献中提出了若干隐私意识建议系统,但相对较少注意隐含反馈和隐私交叉点的系统。为解决这一缺陷,我们提议在用户一级地方差异隐私(LDP)下为隐含数据建立一个实用的联邦建议系统。隐私-通用权交易由参数$\epsilon$和$k$($10)控制,对每个用户发送的最新隐私预算以及$\epsilon$-LDP梯度更新数进行监管。为了进一步保护用户隐私,我们引入了一个代理网络,通过匿名和重新整理报告,减少指纹表面,然后将报告提交给推荐者。我们实证地展示了我们在MeeLens数据集上的框架的有效性,实现了与K=10的超标(HR@10),50k用户用5k项目更新了0.68。即使完全的保密性,我们也证明它有可能实现完全的用户的通用性。