Privacy Aspects of Recommender Systems

  • Arik FriedmanEmail author
  • Bart P. Knijnenburg
  • Kris Vanhecke
  • Luc Martens
  • Shlomo Berkovsky


The popularity of online recommender systems has soared; they are deployed in numerous websites and gather tremendous amounts of user data that are necessary for recommendation purposes. This data, however, may pose a severe threat to user privacy, if accessed by untrusted parties or used inappropriately. Hence, it is of paramount importance for recommender system designers and service providers to find a sweet spot, which allows them to generate accurate recommendations and guarantee the privacy of their users. In this chapter we overview the state of the art in privacy enhanced recommendations. We analyze the risks to user privacy imposed by recommender systems, survey the existing solutions, and discuss the privacy implications for the users of recommenders. We conclude that a considerable effort is still required to develop practical recommendation solutions that provide adequate privacy guarantees, while at the same time facilitating the delivery of high-quality recommendations to their users.


Recommender System User Profile Privacy Concern Homomorphic Encryption User Privacy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ackerman, M.S., Cranor, L.F., Reagle, J.: Privacy in e-commerce: Examining user scenarios and privacy preferences. In: Proceedings of the 1st ACM Conference on Electronic Commerce, EC ’99, pp. 1–8. ACM, New York, NY, USA (1999). DOI  10.1145/336992.336995
  2. 2.
    Acquisti, A.: Privacy in electronic commerce and the economics of immediate gratification. In: Proceedings of the 5th ACM conference on Electronic commerce, EC ’04, pp. 21–29. ACM, New York, NY (2004). DOI  10.1145/988772.988777
  3. 3.
    Acquisti, A.: Nudging privacy: The behavioral economics of personal information. IEEE Security and Privacy 7, 82–85 (2009). DOI
  4. 4.
    Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Security & Privacy 3(1), 26–33 (2005). DOI  10.1109/MSP.2005.22 CrossRefGoogle Scholar
  5. 5.
    Acquisti, A., Grossklags, J.: What can behavioral economics teach us about privacy? In: A. Acquisti, S. De Capitani di Vimercati, S. Gritzalis, C. Lambrinoudakis (eds.) Digital Privacy: Theory, Technologies, and Practices, pp. 363–377. Auerbach Publications (2008)Google Scholar
  6. 6.
    Acquisti, A., John, L.K., Loewenstein, G.: The impact of relative standards on the propensity to disclose. Journal of Marketing Research 49(2), 160–174 (2012). DOI  10.1509/jmr.09.0215 CrossRefGoogle Scholar
  7. 7.
    Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: SIGMOD Conference, pp. 439–450 (2000)Google Scholar
  8. 8.
    Aïmeur, E., Brassard, G., Fernandez, J.M., Mani Onana, F.S.: Alambic: A privacy-preserving recommender system for electronic commerce. International Journal of Information Security 7(5), 307–334 (2008). DOI  10.1007/s10207-007-0049-3 CrossRefGoogle Scholar
  9. 9.
    Arlein, R.M., Jai, B., Jakobsson, M., Monrose, F., Reiter, M.K.: Privacy-preserving global customization. In: Proceedings of the 2nd ACM Conference on Electronic Commerce, EC ’00, pp. 176–184. ACM, New York, NY, USA (2000). DOI  10.1145/352871.352891
  10. 10.
    Awad, N.F., Krishnan, M.S.: The personalization privacy paradox: An empirical evaluation of information transparency and the willingness to be profiled online for personalization. MIS Quarterly 30(1), 13–28 (2006)Google Scholar
  11. 11.
    Bakos, Y., Marotta-Wurgler, F., Trossen, D.R.: Does anyone read the fine print? testing a law and economics approach toStandard form contracts (2009). URL
  12. 12.
    Barbaro, M., Zeller Jr., T.: A face is exposed for AOL searcher no. 4417749. URL [Online; accessed 22-January-2014]
  13. 13.
    Basu, A., Kikuchi, H., Vaidya, J.: Privacy-preserving weighted Slope One predictor for Item-based Collaborative Filtering. In: Proceedings of the international workshop on Trust and Privacy in Distributed Information Processing, Copenhagen, Denmark (2011)Google Scholar
  14. 14.
    Basu, A., Vaidya, J., Kikuchi, H.: Perturbation based privacy preserving slope one predictors for collaborative filtering. In: IFIPTM, pp. 17–35 (2012)Google Scholar
  15. 15.
    Basu, A., Vaidya, J., Kikuchi, H., Dimitrakos, T.: Privacy-preserving collaborative filtering on the cloud and practical implementation experiences. In: IEEE CLOUD, pp. 406–413 (2013)Google Scholar
  16. 16.
    Beatty, P., Reay, I., Dick, S., Miller, J.: P3P adoption on e-commerce web sites: A survey and analysis. IEEE Internet Computing 11(2), 65–71 (2007). DOI  10.1109/MIC.2007.45 CrossRefGoogle Scholar
  17. 17.
    Beckett, L.: Big data brokers: They know everything about you and sell it to the highest bidder (18 March 2013).Google Scholar
  18. 18.
    Bélanger, F., Crossler, R.E.: Privacy in the digital age: A review of information privacy research in information systems. MIS Quarterly 35(4), 1017–1042 (2011)Google Scholar
  19. 19.
    Benassi, P.: TRUSTe: an online privacy seal program. Commun. ACM 42(2), 56–59 (1999)CrossRefGoogle Scholar
  20. 20.
    Bennett, J., Lanning, S.: The netflix prize. In: KDD Cup (2007)Google Scholar
  21. 21.
    Berkovsky, S., Borisov, N., Eytani, Y., Kuflik, T., Ricci, F.: Examining users’ attitude towards privacy preserving collaborative filtering. Proceedings of DM. UM 7 (2007)Google Scholar
  22. 22.
    Berkovsky, S., Eytani, Y., Kuflik, T., Ricci, F.: Hierarchical neighborhood topology for privacy enhanced collaborative filtering. Proceedings of PEP06, CHI 2006 Workshop on Privacy-Enhanced Personalization, Montreal, Canada pp. 6–13 (2006)Google Scholar
  23. 23.
    Berkovsky, S., Eytani, Y., Kuflik, T., Ricci, F.: Enhancing privacy and preserving accuracy of a distributed collaborative filtering. In: RecSys, pp. 9–16 (2007)Google Scholar
  24. 24.
    Berkovsky, S., Kuflik, T., Ricci, F.: The impact of data obfuscation on the accuracy of collaborative filtering. Expert Syst. Appl. 39(5), 5033–5042 (2012)CrossRefGoogle Scholar
  25. 25.
    Besmer, A., Watson, J., Lipford, H.R.: The impact of social navigation on privacy policy configuration. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, p. Article 7. Redmond, Washington (2010). DOI  10.1145/1837110.1837120
  26. 26.
    Bojars, U., Passant, A., Breslin, J.G., Decker, S.: Social network and data portability using semantic web technologies. In: 2nd Workshop on Social Aspects of the Web (SAW 2008) at BIS2008, pp. 5–19 (2008)Google Scholar
  27. 27.
    Bonneau, J., Anderson, J., Danezis, G.: Prying data out of a social network. In: Social Network Analysis and Mining, 2009. ASONAM’09. International Conference on Advances in, pp. 249–254. IEEE (2009)Google Scholar
  28. 28.
    Brown, C.L., Krishna, A.: The skeptical shopper: A metacognitive account for the effects of default options on choice. Journal of Consumer Research 31(3), 529–539 (2004). DOI  10.1086/425087 CrossRefGoogle Scholar
  29. 29.
    Buley, T.: Netflix settles privacy lawsuit, cancels prize sequel. Forbes (3 December 2010).Google Scholar
  30. 30.
    Bustos, L.: Best practice gone bad: 4 shocking A/B tests (2012). URL
  31. 31.
    Calandrino, J.A., Kilzer, A., Narayanan, A., Felten, E.W., Shmatikov, V.: “you might also like:” privacy risks of collaborative filtering. In: IEEE Symposium on Security and Privacy, pp. 231–246 (2011)Google Scholar
  32. 32.
    Canny, J.F.: Collaborative filtering with privacy. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 45–57. IEEE Computer Society, Washington, DC, USA (2002)Google Scholar
  33. 33.
    Canny, J.F.: Collaborative filtering with privacy via factor analysis. In: SIGIR, pp. 238–245 (2002)Google Scholar
  34. 34.
    Cavoukian, A.: Privacy by design: The 7 foundational principles. Tech. rep., Information and Privacy Commissioner of Ontario, Canada, Ontario, Canada (2009).Google Scholar
  35. 35.
    Cavusoglu, H., Phan, T., Cavusoglu, H.: Privacy controls and content sharing patterns of online social network users: A natural experiment. ICIS 2013 Proceedings (2013)Google Scholar
  36. 36.
    Chaabane, A., Acs, G., Kaafar, M.A.: You Are What You Like! Information Leakage Through Users’ Interests. In: 19th Annual Network & Distributed System Security Symposium (2012)Google Scholar
  37. 37.
    Chellappa, R.K., Sin, R.G.: Personalization versus privacy: An empirical examination of the online consumer’s dilemma. Information Technology and Management 6(2), 181–202 (2005). DOI  10.1007/s10799-005-5879-y CrossRefGoogle Scholar
  38. 38.
    Chen, T., Boreli, R., Kaafar, D., Friedman, A.: On the effectiveness of obfuscation techniques in online social networks. In: The 14th Privacy Enhancing Technologies Symposium, pp. 42–62 (2014)Google Scholar
  39. 39.
    Cissée, R., Albayrak, S.: An agent-based approach for privacy-preserving recommender systems. In: Proceedings of the 6th International Joint Conference on Autonomous Agents and Multiagent Systems, AAMAS ’07, pp. 182:1–182:8. ACM, New York, NY, USA (2007)Google Scholar
  40. 40.
    Compañó, R., Lusoli, W.: The policy maker’s anguish: Regulating personal data behavior between paradoxes and dilemmas. In: T. Moore, D. Pym, C. Ioannidis (eds.) Economics of Information Security and Privacy, pp. 169–185. Springer US, New York, NY (2010)CrossRefGoogle Scholar
  41. 41.
    Consolvo, S., Smith, I., Matthews, T., LaMarca, A., Tabert, J., Powledge, P.: Location disclosure to social relations: why, when, & what people want to share. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 81–90. Portland, OR (2005). DOI  10.1145/1054972.1054985
  42. 42.
    Consumer Reports: Facebook & your privacy: Who sees the data you share on the biggest social network? (2012). URL
  43. 43.
    Cranor, L.F.: Web Privacy with P3P. O’Reilly & Associates, Inc., Sebastopol, CA (2002)Google Scholar
  44. 44.
    Cranor, L.F.: ‘I didn’t buy it for myself’: privacy and ecommerce personalization. In: WPES, pp. 111–117 (2003)Google Scholar
  45. 45.
    Culnan, M.J., Bies, R.J.: Consumer privacy: Balancing economic and justice considerations. Journal of Social Issues 59(2), 323–342 (2003). DOI  10.1111/1540-4560.00067 CrossRefGoogle Scholar
  46. 46.
    Dhar, V., Hsieh, J., Sundararajan, A.: Comments on ’Protecting consumer privacy in an era of rapid change: Aproposed framework for businesses and policymakers’. NYU Working Paper CEDER-11-04, New York University, New York, NY (2011)Google Scholar
  47. 47.
    Duhigg, C.: How companies learn your secrets. New York Times Magazine (16 February 2012). URL [Online; accessed 22-January-2014]
  48. 48.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: TCC, pp. 265–284 (2006)Google Scholar
  49. 49.
    Dwork, C., Pitassi, T., Naor, M., Rothblum, G.N.: Differential privacy under continual observation. In: STOC, pp. 715–724 (2010)Google Scholar
  50. 50.
    Egelman, S., Tsai, J., Cranor, L.F., Acquisti, A.: Timing is everything?: the effects of timing and placement of online privacy indicators. In: Proceedings of the 27th international conference on Human factors in computing systems, CHI ’09, pp. 319–328. ACM (2009)Google Scholar
  51. 51.
    Erkin, Z., Beye, M., Veugen, T., Lagendijk, R.L.: Privacy enhanced recommender system. Thirty-first Symposium on Information Theory in the Benelux pp. 35–42 (2010)Google Scholar
  52. 52.
    Erkin, Z., Veugen, T., Lagendijk, R.L.: Generating private recommendations in a social trust network. In: CASoN, pp. 82–87 (2011)Google Scholar
  53. 53.
    Erkin, Z., Veugen, T., Toft, T., Lagendijk, R.L.: Generating private recommendations efficiently using homomorphic encryption and data packing. IEEE Transactions on Information Forensics and Security 7(3), 1053–1066 (2012)CrossRefGoogle Scholar
  54. 54.
    EU: Directive 2002/58/EC of the european parliament and of the council concerning the processing of personal data and the protection of privacy in the electronic communications sector. Tech. rep., European Commission (2002)Google Scholar
  55. 55.
    EU: Proposal for a directive of the european parliament and of the council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data. Tech. Rep. 2012/0010 (COD), European Commission (2012)Google Scholar
  56. 56.
    Felten, E.W.: Understanding trusted computing: Will its benefits outweigh its drawbacks? IEEE Security & Privacy 1(3), 60–62 (2003)CrossRefGoogle Scholar
  57. 57.
    Friedman, A., Sharfman, I., Keren, D., Schuster, A.: Privacy-preserving distributed stream monitoring. In: Proceedings of the 21st Annual Network & Distributed System Security Symposium, NDSS ’14. Internet Society (2014)Google Scholar
  58. 58.
    van de Garde-Perik, E., Markopoulos, P., de Ruyter, B., Eggen, B., Ijsselsteijn, W.: Investigating privacy attitudes and behavior in relation to personalization. Social Science Computer Review 26(1), 20–43 (2008). DOI  10.1177/0894439307307682 CrossRefGoogle Scholar
  59. 59.
    Gardner, J.: 12 surprising A/B test results to stop you making assumptions (2012). URL
  60. 60.
    Goldfarb, A., Tucker, C.E.: Privacy regulation and online advertising. Management Science 57(1), 57–71 (2011). DOI  10.1287/mnsc.1100.1246 CrossRefGoogle Scholar
  61. 61.
    Hancock, J.T., Thom-Santelli, J., Ritchie, T.: Deception and design: the impact of communication technology on lying behavior. In: Proceedings of the SIGCHI conference on Human factors in computing systems, CHI ’04, pp. 129–134. ACM, New York, NY, USA (2004)Google Scholar
  62. 62.
    Hann, I.H., Hui, K.L., Lee, S.Y., Png, I.: Overcoming online information privacy concerns: An information-processing theory approach. Journal of Management Information Systems 24(2), 13–42 (2007). DOI  10.2753/MIS0742-1222240202 CrossRefGoogle Scholar
  63. 63.
    Harris, L., Westin, A.F., associates: Consumer privacy attitudes: A major shift since 2000 and why. Tech. Rep. 10, Harris Interactive, Inc. (2003)Google Scholar
  64. 64.
    Heitmann, B., Kim, J.G., Passant, A., Hayes, C., Kim, H.G.: An architecture for privacy-enabled user profile portability on the web of data. In: Proceedings of the 1st International Workshop on Information Heterogeneity and Fusion in Recommender Systems, HetRec ’10, pp. 16–23. ACM, New York, NY, USA (2010). DOI  10.1145/1869446.1869449
  65. 65.
    Hoens, T.R., Blanton, M., Chawla, N.V.: A private and reliable recommendation system for social networks. In: Proceedings of the 2010 IEEE Second International Conference on Social Computing, SOCIALCOM ’10, pp. 816–825. IEEE Computer Society, Washington, DC, USA (2010). DOI  10.1109/SocialCom.2010.124
  66. 66.
    Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using rdf metadata to enable access control on the social semantic web. In: Proceedings of the Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK2009), vol. 514 (2009)Google Scholar
  67. 67.
    House, W.: Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global economy. Tech. rep., White House, Washington, D.C. (2012)Google Scholar
  68. 68.
    Hui, K.L., Teo, H.H., Lee, S.Y.T.: The value of privacy assurance: An exploratory field experiment. MIS Quarterly 31(1), 19–33 (2007)Google Scholar
  69. 69.
    ICO: Guidance on the rules on use of cookies and similar technologies. Tech. rep., Information Commissioner’s Office (2012)Google Scholar
  70. 70.
    Isaacman, S., Ioannidis, S., Chaintreau, A., Martonosi, M.: Distributed rating prediction in user generated content streams. In: RecSys, pp. 69–76 (2011)Google Scholar
  71. 71.
    Jeckmans, A., Tang, Q., Hartel, P.: Privacy-preserving collaborative filtering based on horizontally partitioned dataset. In: Collaboration Technologies and Systems (CTS), 2012 International Conference on, pp. 439–446 (2012). DOI  10.1109/CTS.2012.6261088
  72. 72.
    Jeckmans, A.J., Beye, M., Erkin, Z., Hartel, P., Lagendijk, R.L., Tang, Q.: Privacy in recommender systems. In: Social Media Retrieval, Computer Communications and Networks, pp. 263–281. Springer (2013)Google Scholar
  73. 73.
    John, L.K., Acquisti, A., Loewenstein, G.: Strangers on a plane: Context-dependent willingness to divulge sensitive information. Journal of consumer research 37(5), 858–873 (2011)CrossRefGoogle Scholar
  74. 74.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007). DOI  10.1016/j.dss.2005.05.019 CrossRefGoogle Scholar
  75. 75.
    Kahneman, D., Tversky, A.: Prospect theory: An analysis of decision under risk. Econometrica 47(2), 263–292 (1979). DOI  10.2307/1914185 zbMATHCrossRefGoogle Scholar
  76. 76.
    Kaleli, C., Polat, H.: Providing private recommendations using naïve bayesian classifier. In: K.M. Wegrzyn-Wolska, P.S. Szczepaniak (eds.) Advances in Intelligent Web Mastering, Advances in Soft Computing, vol. 43, pp. 168–173. Springer Berlin Heidelberg (2007)CrossRefGoogle Scholar
  77. 77.
    Kandappu, T., Friedman, A., Boreli, R., Sivaraman, V.: PrivacyCanary: Privacy-aware recommenders with adaptive input obfuscation. In: MASCOTS (2014)Google Scholar
  78. 78.
    Knijnenburg, B.P., Jin, H.: The persuasive effect of privacy recommendations. In: Twelfth Annual Workshop on HCI Research in MIS, p. Paper 16. Milan, Italy (2013)Google Scholar
  79. 79.
    Knijnenburg, B.P., Kobsa, A.: Helping users with information disclosure decisions: potential for adaptation. In: Proceedings of the 2013 ACM international conference on Intelligent User Interfaces, pp. 407–416. ACM Press, Santa Monica, CA (2013)Google Scholar
  80. 80.
    Knijnenburg, B.P., Kobsa, A.: Making decisions about privacy: Information disclosure in context-aware recommender systems. ACM Transactions on Interactive Intelligent Systems 3(3), 20:1–20:23 (2013). DOI  10.1145/2499670
  81. 81.
    Knijnenburg, B.P., Kobsa, A., Jin, H.: Counteracting the negative effect of form auto-completion on the privacy calculus. In: ICIS 2013 Proceedings. Milan, Italy (2013)Google Scholar
  82. 82.
    Knijnenburg, B.P., Kobsa, A., Jin, H.: Dimensionality of information disclosure behavior. International Journal of Human-Computer Studies 71(12), 1144–1162 (2013)CrossRefGoogle Scholar
  83. 83.
    Knijnenburg, B.P., Kobsa, A., Jin, H.: Preference-based location sharing: are more privacy options really better? In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 2667–2676. ACM, Paris, France (2013). DOI  10.1145/2470654.2481369
  84. 84.
    Knijnenburg, B.P., Kobsa, A., Saldamli, G.: Privacy in mobile personalized systems: The effect of disclosure justifications. In: Proceedings of the SOUPS 2012 Workshop on Usable Privacy & Security for Mobile Devices, pp. 11:1–11:5. Washington, DC (2012)Google Scholar
  85. 85.
    Knijnenburg, B.P., Willemsen, M.C., Hirtbach, S.: Receiving recommendations and providing feedback: The user-experience of a recommender system. In: EC-Web, pp. 207–216 (2010)Google Scholar
  86. 86.
    Kobsa, A.: Tailoring privacy to users’ needs (invited keynote). In: M. Bauer, P.J. Gmytrasiewicz, J. Vassileva (eds.) User Modeling 2001, no. 2109 in Lecture Notes in Computer Science, pp. 303–313. Springer Verlag (2001).Google Scholar
  87. 87.
    Kobsa, A.: Privacy-enhanced web personalization. In: P. Brusilovsky, A. Kobsa, W. Nejdl (eds.) The Adaptive Web, pp. 628–670. Springer-Verlag, Berlin, Heidelberg (2007)CrossRefGoogle Scholar
  88. 88.
    Kobsa, A., Knijnenburg, B.P., Livshits, B.: Let’s do it at my place instead? attitudinal and behavioral study of privacy in client-side personalization. In: ACM CHI Conference on Human Factors in Computing Systems. Toronto, Canada (2014)Google Scholar
  89. 89.
    Kobsa, A., Schreck, J.: Privacy through pseudonymity in user-adaptive systems. ACM Trans. Internet Techn. 3(2), 149–183 (2003)CrossRefGoogle Scholar
  90. 90.
    Kobsa, A., Teltzrow, M.: Contextualized communication of privacy practices and personalization benefits: Impacts on users’ data sharing and purchase behavior. In: D. Martin, A. Serjantov (eds.) Privacy Enhancing Technologies: Revised Selected Papers of the 4th International Workshop, PET 2004, Toronto, Canada, May 26–28, 2004, LNCS, vol. 3424, pp. 329–343. Springer Berlin Heidelberg (2005). DOI  10.1007/b136164 CrossRefGoogle Scholar
  91. 91.
    Kosinski, M., Stillwell, D., Graepel, T.: Private traits and attributes are predictable from digital records of human behavior. Proceedings of the National Academy of Sciences (2013)Google Scholar
  92. 92.
    Krishnamurthy, B., Wills, C.: Privacy diffusion on the web: A longitudinal perspective. In: Proceedings of the 18th International Conference on World Wide Web, WWW ’09, pp. 541–550. ACM, New York, NY, USA (2009). DOI  10.1145/1526709.1526782
  93. 93.
    Lai, Y.L., Hui, K.L.: Internet opt-in and opt-out: Investigating the roles of frames, defaults and privacy concerns. In: Proceedings of the 2006 ACM SIGMIS CPR Conference on Computer Personnel Research, pp. 253–263. Claremont, CA (2006). DOI  10.1145/1125170.1125230
  94. 94.
    Lathia, N., Hailes, S., Capra, L.: Private distributed collaborative filtering using estimated concordance measures. In: Proceedings of the 2007 ACM Conference on Recommender Systems, RecSys ’07, pp. 1–8. ACM, New York, NY, USA (2007)Google Scholar
  95. 95.
    Laufer, R.S., Proshansky, H.M., Wolfe, M.: Some analytic dimensions of privacy. In: R. Küller (ed.) Proceedings of the Lund Conference on Architectural Psychology. Dowden, Hutchinson & Ross, Lund, Sweden (1973)Google Scholar
  96. 96.
    Lemire, D., Maclachlan, A.: Slope one predictors for online rating-based collaborative filtering. In: SDM (2005)CrossRefGoogle Scholar
  97. 97.
    Li, H., Sarathy, R., Xu, H.: Understanding situational online information disclosure as a privacy calculus. Journal of Computer Information Systems 51(1), 62–71 (2010)Google Scholar
  98. 98.
    Li, T., Unger, T.: Willing to pay for quality personalization? trade-off between quality and privacy. European Journal of Information Systems 21(6), 621–642 (2012)CrossRefGoogle Scholar
  99. 99.
    Lin, J., Sadeh, N.M., Amini, S., Lindqvist, J., Hong, J.I., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: UbiComp, pp. 501–510 (2012)Google Scholar
  100. 100.
    Liu, Y., Gummadi, K.P., Krishnamurthy, B., Mislove, A.: Analyzing facebook privacy settings: user expectations vs. reality. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, pp. 61–70. ACM, Berlin, Germany (2011)Google Scholar
  101. 101.
    Machanavajjhala, A., Korolova, A., Sarma, A.D.: Personalized social recommendations - accurate or private? PVLDB 4(7), 440–450 (2011)Google Scholar
  102. 102.
    Malhotra, N.K., Kim, S.S., Agarwal, J.: Internet users’ information privacy concerns (IUIPC): the construct, the scale, and a nomological framework. Information Systems Research 15(4), 336–355 (2004). DOI  10.1287/isre.1040.0032 CrossRefGoogle Scholar
  103. 103.
    McSherry, F., Mironov, I.: Differentially private recommender systems: Building privacy into the netflix prize contenders. In: KDD, pp. 627–636 (2009)Google Scholar
  104. 104.
    Metzger, M.J.: Privacy, trust, and disclosure: Exploring barriers to electronic commerce. Journal of Computer-Mediated Communication 9(4) (2004)Google Scholar
  105. 105.
    Mikians, J., Gyarmati, L., Erramilli, V., Laoutaris, N.: Detecting price and search discrimination on the internet. In: HotNets, pp. 79–84 (2012)Google Scholar
  106. 106.
    Mikians, J., Gyarmati, L., Erramilli, V., Laoutaris, N.: Crowd-assisted search for price discrimination in e-commerce: first results. In: CoNEXT, pp. 1–6 (2013)Google Scholar
  107. 107.
    Miller, B.N., Konstan, J.A., Riedl, J.: Pocketlens: Toward a personal recommender system. ACM Transactions on Information Systems 22(3), 437–476 (2004)CrossRefGoogle Scholar
  108. 108.
    Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: IEEE Symposium on Security and Privacy, pp. 111–125 (2008)Google Scholar
  109. 109.
    Nikolaenko, V., Ioannidis, S., Weinsberg, U., Joye, M., Taft, N., Boneh, D.: Privacy-preserving matrix factorization. In: ACM Conference on Computer and Communications Security, pp. 801–812 (2013)Google Scholar
  110. 110.
    Nissenbaum, H.: Privacy as contextual integrity. Washington Law Review 79(1), 101–139 (2004)Google Scholar
  111. 111.
    Nissenbaum, H.: A contextual approach to privacy online. Daedalus 140(4), 32–48 (2011)CrossRefGoogle Scholar
  112. 112.
    Nissim, K., Raskhodnikova, S., Smith, A.: Smooth sensitivity and sampling in private data analysis. In: Proceedings of the Thirty-ninth Annual ACM Symposium on Theory of Computing, STOC ’07, pp. 75–84. ACM, New York, NY, USA (2007)Google Scholar
  113. 113.
    Norberg, P.A., Horne, D.R., Horne, D.A.: The privacy paradox: Personal information disclosure intentions versus behaviors. Journal of Consumer Affairs 41(1), 100–126 (2007)CrossRefGoogle Scholar
  114. 114.
    OECD: Recommendation of the council concerning guidelines governing the protection of privacy and transborder flows of personal data. Tech. rep., Organization for Economic Co-operation and Development (1980). Print file://Lit1/OECD-privacy-1980.htmGoogle Scholar
  115. 115.
    Ohm, P.: Broken promises of privacy: Responding to the surprising failure of anonymization. UCLA Law Review 57, 1701 (2010)Google Scholar
  116. 116.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: EUROCRYPT, pp. 223–238 (1999)Google Scholar
  117. 117.
    Pallapa, G., Das, S.K., Di Francesco, M., Aura, T.: Adaptive and context-aware privacy preservation exploiting user interactions in smart environments. Pervasive and Mobile Computing 12, 232–243 (2014). DOI  10.1016/j.pmcj.2013.12.004. URL
  118. 118.
    Parameswaran, R., Blough, D.M.: Privacy preserving collaborative filtering using data obfuscation. In: Proceedings of the IEEE Conference on Granular Computing, p. 380 (2007)Google Scholar
  119. 119.
    Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. (2010)
  120. 120.
    Polat, H., Du, W.: Privacy-preserving collaborative filtering using randomized perturbation techniques. In: ICDM, pp. 625–628 (2003)Google Scholar
  121. 121.
    Polat, H., Du, W.: Svd-based collaborative filtering with privacy. In: SAC, pp. 791–795 (2005)Google Scholar
  122. 122.
    Polat, H., Du, W.: Achieving private recommendations using randomized response techniques. In: PAKDD, pp. 637–646 (2006)Google Scholar
  123. 123.
    Put, A., Dacosta, I., Milutinovic, M., De Decker, B., Seys, S., Boukayoua, F., Naessens, V., Vanhecke, K., De Pessemier, T., Martens, L.: inshopnito: An advanced yet privacy-friendly mobile shopping application. In: Proceedings of 2014 IEEE World Congress on Services. IEEE Computer Society Press (2014). URL
  124. 124.
    Ramakrishnan, N., Keller, B.J., Mirza, B.J., Grama, A., Karypis, G.: Privacy risks in recommender systems. IEEE Internet Computing 5(6), 54–62 (2001)CrossRefGoogle Scholar
  125. 125.
    Ravichandran, R., Benisch, M., Kelley, P., Sadeh, N.: Capturing social networking privacy preferences:. In: I. Goldberg, M. Atallah (eds.) Privacy Enhancing Technologies, Lecture Notes in Computer Science, vol. 5672, pp. 1–18. Springer Berlin / Heidelberg (2009).Google Scholar
  126. 126.
    Renckes, S., Polat, H., Oysal, Y.: A new hybrid recommendation algorithm with privacy. Expert Systems 29(1), 39–55 (2012)Google Scholar
  127. 127.
    Riboni, D., Bettini, C.: Private context-aware recommendation of points of interest: An initial investigation. In: PerCom Workshops, pp. 584–589 (2012)Google Scholar
  128. 128.
    Rifon, N.J., LaRose, R., Choi, S.M.: Your privacy is sealed: Effects of web privacy seals on trust and personal disclosures. Journal of Consumer Affairs 39(2), 339–360 (2005)CrossRefGoogle Scholar
  129. 129.
    Sadeh, N., Hong, J., Cranor, L., Fette, I., Kelley, P., Prabaker, M., Rao, J.: Understanding and capturing people’s privacy policies in a mobile social networking application. Personal and Ubiquitous Computing 13(6), 401–412 (2009). DOI  10.1007/s00779-008-0214-3 CrossRefGoogle Scholar
  130. 130.
    Schafer, J.B., Konstan, J.A., Riedl, J.: E-commerce recommendation applications. Data Min. Knowl. Discov. 5(1/2), 115–153 (2001)zbMATHCrossRefGoogle Scholar
  131. 131.
    Shokri, R., Pedarsani, P., Theodorakopoulos, G., Hubaux, J.P.: Preserving privacy in collaborative filtering through distributed aggregation of offline profiles. In: RecSys, pp. 157–164 (2009)Google Scholar
  132. 132.
    Smith, H.J., Dinev, T., Xu, H.: Information privacy research: An interdisciplinary review. MIS Quarterly 35(4), 989–1016 (2011)Google Scholar
  133. 133.
    Smith, H.J., Milberg, S.J., Burke, S.J.: Information privacy: Measuring individuals’ concerns about organizational practices. MIS Quarterly 20(2), 167–196 (1996)CrossRefGoogle Scholar
  134. 134.
    Smith, N.C., Goldstein, D.G., Johnson, E.J.: Choice without awareness: Ethical and policy implications of defaults. Journal of Public Policy & Marketing 32(2), 159–172 (2013)CrossRefGoogle Scholar
  135. 135.
    Solove, D.J.: Privacy self-management and the consent dilemma. Harvard Law Review 126, 1880–1903 (2013)Google Scholar
  136. 136.
    Stafford, J., Wallnau, K.: Is third party certification necessary. In: Proceedings of the 4th ICSE Workshop on Component-based Software Engineering: Component Certification and System Prediction, pp. 13–17 (2001)Google Scholar
  137. 137.
    Suguri, H.: A standardization effort for agent technologies: The foundation for intelligent physical agents and its activities. In: HICSS (1999)Google Scholar
  138. 138.
    Taylor, D., Davis, D., Jillapalli, R.: Privacy concern and online personalization: The moderating effects of information control and compensation. Electronic Commerce Research 9(3), 203–223 (2009). DOI  10.1007/s10660-009-9036-2 CrossRefGoogle Scholar
  139. 139.
    Toch, E., Wang, Y., Cranor, L.F.: Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Modeling and User-Adapted Interaction 22(1–2), 203–220 (2012). DOI  10.1007/s11257-011-9110-z CrossRefGoogle Scholar
  140. 140.
    TRUSTe: First in-depth analysis of the impact of EU cookie directive shows majority of users choosing to allow advertising cookies (2012).Google Scholar
  141. 141.
    Vallet, D., Friedman, A., Berkovsky, S.: Matrix factorization without user data retention. In: PAKDD (2014)CrossRefGoogle Scholar
  142. 142.
    Walton, D.: Plausible deniability and evasion of burden of proof. Argumentation 10(1), 47–58 (1996). DOI  10.1007/BF00126158 MathSciNetCrossRefGoogle Scholar
  143. 143.
    Wang, W., Benbasat, I.: Recommendation agents for electronic commerce: Effects of explanation facilities on trusting beliefs. Journal of Management Information Systems 23(4), 217–246 (2007). DOI  10.2753/MIS0742-1222230410 CrossRefGoogle Scholar
  144. 144.
    Wang, Y., Kobsa, A.: Impacts of privacy laws and regulations on personalized systems. In: A. Kobsa, R. Chellappa, S. Spiekermann (eds.) Proceedings of PEP06, CHI 2006 Workshop on Privacy-Enhanced Personalization, pp. 44–46. Springer Verlag, Montréal, Canada (2006)Google Scholar
  145. 145.
    Wang, Y., Kobsa, A.: Respecting users’ individual privacy constraints in web personalization. In: C. Conati, K. McCoy, G. Paliouras (eds.) User Modeling 2007, pp. 157–166. Springer Verlag (2007)Google Scholar
  146. 146.
    Wang, Y., Leon, P.G., Scott, K., Chen, X., Acquisti, A., Cranor, L.F.: Privacy nudges for social media: An exploratory facebook study. In: Second International Workshop on Privacy and Security in Online Social Media. Rio De Janeiro, Brazil (2013)Google Scholar
  147. 147.
    Weinsberg, U., Bhagat, S., Ioannidis, S., Taft, N.: Blurme: inferring and obfuscating user gender based on ratings. In: RecSys, pp. 195–202 (2012)Google Scholar
  148. 148.
    Westin, A.F., Harris, L., associates: The Dimensions of privacy: a national opinion research survey of attitudes toward privacy. Garland Publishing, New York (1981)Google Scholar
  149. 149.
    Xu, H., Luo, X.R., Carroll, J.M., Rosson, M.B.: The personalization privacy paradox: An exploratory study of decision making process for location-aware marketing. Decision Support Systems 51(1), 42–52 (2011). DOI  10.1016/j.dss.2010.11.017 CrossRefGoogle Scholar
  150. 150.
    Xu, H., Teo, H.H., Tan, B.C.Y.: Predicting the adoption of location-based services: The role of trust and perceived privacy risk. In: Proceedings of the International Conference on Information Systems, pp. 861–874. Las Vegas, NV (2005)Google Scholar
  151. 151.
    Xu, H., Teo, H.H., Tan, B.C.Y., Agarwal, R.: Effects of individual self-protection, industry self-regulation, and government regulation on privacy concerns: A study of location-based services. Information Systems Research (2012). DOI  10.1287/isre.1120.0416 Google Scholar
  152. 152.
    Xu, H., Wang, N., Grossklags, J.: Privacy-by-ReDesign: alleviating privacy concerns for third-party applications. In: ICIS 2012 Proceedings. Orlando, FL (2012)Google Scholar
  153. 153.
    Yakut, I., Polat, H.: Privacy-preserving eigentaste-based collaborative filtering. In: A. Miyaji, H. Kikuchi, K. Rannenberg (eds.) Advances in Information and Computer Security, Lecture Notes in Computer Science, vol. 4752, pp. 169–184. Springer Berlin Heidelberg (2007)CrossRefGoogle Scholar
  154. 154.
    Yakut, I., Polat, H.: Arbitrarily distributed data-based recommendations with privacy. Data & Knowledge Engineering 72(0), 239–256 (2012)CrossRefGoogle Scholar
  155. 155.
    Yao, A.C.: Protocols for secure computations. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, SFCS ’82, pp. 160–164. IEEE Computer Society, Washington, DC, USA (1982). DOI  10.1109/SFCS.1982.88
  156. 156.
    Zhang, A., Bhamidipati, S., Fawaz, N., Kveton, B.: Priview: Media consumption and recommendation meet privacy against inference attacks. In: W2SP (2014)Google Scholar
  157. 157.
    Zheleva, E., Getoor, L.: To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In: WWW, pp. 531–540 (2009)Google Scholar
  158. 158.
    Zhu, T., Ren, Y., Zhou, W., Rong, J., Xiong, P.: An effective privacy preserving algorithm for neighborhood-based collaborative filtering. Future Generation Computer Systems (2013)Google Scholar

Copyright information

© Springer Science+Business Media New York 2015

Authors and Affiliations

  • Arik Friedman
    • 1
    Email author
  • Bart P. Knijnenburg
    • 2
  • Kris Vanhecke
    • 3
  • Luc Martens
    • 3
  • Shlomo Berkovsky
    • 4
  1. 1.NICTASydneyAustralia
  2. 2.Clemson UniversityClemsonUSA
  3. 3.iMinds - Ghent UniversityGhentBelgium
  4. 4.CSIROSydneyAustralia

Personalised recommendations