"You might also like:" Privacy risks of collaborative filtering

Joseph A. Calandrino, Ann Kilzer, Arvind Narayanan, Edward W. Felten, Vitaly Shmatikov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

216 Scopus citations


Many commercial websites use recommender systems to help customers locate products and content. Modern recommenders are based on collaborative filtering: they use patterns learned from users' behavior to make recommendations, usually in the form of related-items lists. The scale and complexity of these systems, along with the fact that their outputs reveal only relationships between items (as opposed to information about users), may suggest that they pose no meaningful privacy risk. In this paper, we develop algorithms which take a moderate amount of auxiliary information about a customer and infer this customer's transactions from temporal changes in the public outputs of a recommender system. Our inference attacks are passive and can be carried out by any Internet user. We evaluate their feasibility using public data from popular websites Hunch, Last.fm, LibraryThing, and Amazon.

Original languageEnglish (US)
Title of host publicationProceedings - 2011 IEEE Symposium on Security and Privacy, SP 2011
Number of pages16
StatePublished - 2011
Event2011 IEEE Symposium on Security and Privacy, SP 2011 - Berkeley, CA, United States
Duration: May 22 2011May 25 2011

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
ISSN (Print)1081-6011


Other2011 IEEE Symposium on Security and Privacy, SP 2011
Country/TerritoryUnited States
CityBerkeley, CA

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Software
  • Computer Networks and Communications


Dive into the research topics of '"You might also like:" Privacy risks of collaborative filtering'. Together they form a unique fingerprint.

Cite this