Search papers, labs, and topics across Lattice.
This paper introduces a targeted differential privacy (DP) approach that applies DP only to stereotypical user data to minimize unnecessary perturbation in recommender systems. They further employ meta-learning to enhance the model's robustness to the remaining DP noise. Experiments demonstrate that this combined approach achieves a superior accuracy-privacy trade-off compared to standard DP methods and full DP baselines.
Stop blindly applying differential privacy: targeting stereotypical user data and using meta-learning can dramatically improve the accuracy of privacy-preserving recommender systems.
Balancing differential privacy (DP) with recommendation accuracy is a key challenge in privacy-preserving recommender systems, since DP-noise degrades accuracy. We address this trade-off at both the data and model levels. At the data level, we apply DP only to the most stereotypical user data likely to reveal sensitive attributes, such as gender or age, to reduce unnecessary perturbation; we refer to this as targeted DP. At the model level, we use meta-learning to improve robustness to remaining DP-noise. This achieves a better trade-off between accuracy and privacy than standard approaches: Meta-learning improves accuracy and targeted DP leads to lower empirical privacy risk compared to uniformly applied DP and full DP baselines. Overall, our findings show that selectively applying DP at the data level together with meta-learning at the model level can effectively balance recommendation accuracy and user privacy.
