Personalized Social Recommendations - Accurate or Private?

With the recent surge of social networks like Facebook, new forms of recommendations have become possible - personalized recommendations of ads, content, and even new friend and product connections based on one’s social interactions. Since recommendations may use sensitive social information, it is speculated that these recommendations are associated with privacy risks. The main contribution of this work is in formalizing these expected trade-offs between the accuracy and privacy of personalized social recommendations. In this paper, we study whether “social recommendations”, or recommendations that are solely based on a user’s social network, can be made without disclosing sensitive links in the social graph. More precisely, we quantify the loss in utility when existing recommendation algorithms are modified to satisfy a strong notion of privacy, called differential privacy. We prove lower bounds on the minimum loss in utility for any recommendation algorithm that is differentially private. We adapt two privacy preserving algorithms from the differential privacy literature to the problem of social recommendations, and analyze their performance in comparison to the lower bounds, both analytically and experimentally. We show that good private social recommendations are feasible only for a small subset of the users in the social network or for a lenient setting of privacy parameters.

💡 Research Summary

The paper investigates the fundamental tension between accuracy and privacy in social recommendation systems that rely solely on the structure of a social graph. The authors model the problem as follows: given a graph G = (V, E) representing users and entities, a recommendation consists of selecting a single node i to recommend to a target node r. The “utility” of recommending i to r is a function of the graph alone (e.g., number of common neighbors, weighted path counts, or PageRank scores). The goal of a recommendation algorithm R is to maximize the expected utility, i.e., the dot product of the utility vector u with the probability vector p that R outputs.

To protect privacy, the authors adopt ε‑differential privacy (DP) in a graph‑edge setting: for any two graphs that differ by a single edge not incident to the target node, the probability that R outputs any set of recommendations must differ by at most a factor e^ε. This definition captures the intuition that an adversary observing the recommendation should not be able to infer the presence or absence of any particular friendship or interaction edge.

Accuracy is defined in a worst‑case sense: an algorithm is (1 − δ)‑accurate if, for every possible utility vector, its expected utility is at least (1 − δ) times the optimum (the utility achieved by the non‑private “best” algorithm that always picks the highest‑utility node). The central research question is: what is the maximum achievable accuracy for any ε‑DP algorithm?

The authors first introduce two natural axioms for utility functions: exchangeability (utility is invariant under graph isomorphisms that permute node identities) and concentration (utility is concentrated on a relatively small set of high‑utility nodes). Under these axioms they prove a generic lower bound: any ε‑DP algorithm that attains a constant‑factor approximation of the optimum must incur a privacy loss ε that scales at least as Ω(1/(d_max·δ)), where d_max is the maximum degree in the graph. In other words, for graphs with high‑degree nodes, achieving small δ (high accuracy) forces ε to be large, weakening privacy.

The paper then specializes to two concrete utility functions widely used in social recommendation literature. For the common‑neighbors utility, they show that only nodes with Ω(log n) neighbors can receive accurate recommendations under reasonable ε; otherwise the DP constraint forces the algorithm to randomize heavily, yielding negligible utility. A similar bound holds for weighted‑paths utilities. These results formalize the intuition that sparsely connected users are the most vulnerable to privacy‑induced utility loss.

To demonstrate that the lower bounds are not merely existential, the authors adapt two classic DP mechanisms. The Laplace mechanism adds independent Laplace noise (scale proportional to the sensitivity of the utility vector) to each utility value and then selects the node with the highest noisy utility. The Exponential mechanism samples a node with probability proportional to exp(ε·utility/2Δ), where Δ is the sensitivity. Both mechanisms satisfy ε‑DP by construction. The authors analyze their expected utilities and show that, for the utility functions considered, the Laplace mechanism often matches or slightly exceeds the Exponential mechanism in practice, and both approach the theoretical upper bound on achievable accuracy for a substantial fraction of nodes.

Empirical evaluation uses two real‑world social graphs (derived from Facebook and Google+ data). The experiments vary ε from 0.1 to 1 and test multiple utility functions. Results confirm the theoretical predictions: most low‑degree nodes experience a dramatic drop in recommendation quality, while high‑degree nodes (those with at least logarithmic degree) retain a sizable fraction (often >80 %) of the optimal utility even under strict privacy (ε ≈ 0.5). The Laplace mechanism consistently yields marginally higher accuracy than the Exponential mechanism, though the gap is modest.

Finally, recognizing that computing the full utility vector may be infeasible for massive graphs, the authors propose a sampling‑based linear smoothing algorithm that estimates utilities via random walks and does not require full pre‑computation. This method retains ε‑DP guarantees while dramatically reducing computational overhead, suggesting a practical path for deployment.

In conclusion, the paper provides a rigorous theoretical framework for the privacy‑utility trade‑off in graph‑based social recommendation, establishes tight lower bounds for generic and specific utility functions, and validates that well‑known DP mechanisms can achieve near‑optimal performance for a limited subset of users. The findings imply that truly private, accurate social recommendations are only feasible for users with sufficiently rich connectivity or under relatively lax privacy parameters, highlighting a fundamental limitation for large‑scale personalized services.