Privacy in LLM-based Recommendation: Recent Advances and Future Directions

TL;DR

This paper addresses privacy in LLM-based recommender systems, highlighting underexplored privacy concerns as LLMs are integrated into recommendations. It provides a taxonomy of privacy issues across the LLM lifecycle and recommendation settings, and surveys privacy attacks (e.g., membership inference, prompt injection) and protections (unlearning, federated learning, differential privacy, cryptography). It identifies key challenges—lack of universal applicability, efficiency-privacy trade-offs, and cloud-edge deployment—offering future directions such as multi-task frameworks and parameter-efficient techniques. Overall, the work lays a foundation for privacy-preserving LLM-based recommender systems with practical implications.

Abstract

Nowadays, large language models (LLMs) have been integrated with conventional recommendation models to improve recommendation performance. However, while most of the existing works have focused on improving the model performance, the privacy issue has only received comparatively less attention. In this paper, we review recent advancements in privacy within LLM-based recommendation, categorizing them into privacy attacks and protection mechanisms. Additionally, we highlight several challenges and propose future directions for the community to address these critical problems.