Table of Contents
Fetching ...

Preserving Privacy and Utility in LLM-Based Product Recommendations

Tina Khezresmaeilzadeh, Jiang Zhang, Dimitrios Andreadis, Konstantinos Psounis

TL;DR

The paper tackles privacy in LLM-based product recommendations by separating sensitive from nonsensitive data and processing the former locally while outsourcing the latter to a cloud LLM. It introduces a hybrid framework with a BERT-based obfuscator, a cloud-based recommender for nonsensitive data, and a local Llama 3.2 deobfuscator to recover utility for sensitive items, merging results into a final list. Through experiments on real e-commerce datasets, the method achieves near-baseline utility while significantly reducing privacy leakage, with BERT-based obfuscation plus on-device deobfuscation offering the best privacy-utility balance. The approach is demonstrated to run efficiently on consumer hardware, making private, LLM-powered recommendations practical for real-world use. The work also provides detailed metrics for utility and privacy, analyzes category distribution alignment, and discusses computational overhead and limitations that guide future improvements.

Abstract

Large Language Model (LLM)-based recommendation systems leverage powerful language models to generate personalized suggestions by processing user interactions and preferences. Unlike traditional recommendation systems that rely on structured data and collaborative filtering, LLM-based models process textual and contextual information, often using cloud-based infrastructure. This raises privacy concerns, as user data is transmitted to remote servers, increasing the risk of exposure and reducing control over personal information. To address this, we propose a hybrid privacy-preserving recommendation framework which separates sensitive from nonsensitive data and only shares the latter with the cloud to harness LLM-powered recommendations. To restore lost recommendations related to obfuscated sensitive data, we design a de-obfuscation module that reconstructs sensitive recommendations locally. Experiments on real-world e-commerce datasets show that our framework achieves almost the same recommendation utility with a system which shares all data with an LLM, while preserving privacy to a large extend. Compared to obfuscation-only techniques, our approach improves HR@10 scores and category distribution alignment, offering a better balance between privacy and recommendation quality. Furthermore, our method runs efficiently on consumer-grade hardware, making privacy-aware LLM-based recommendation systems practical for real-world use.

Preserving Privacy and Utility in LLM-Based Product Recommendations

TL;DR

The paper tackles privacy in LLM-based product recommendations by separating sensitive from nonsensitive data and processing the former locally while outsourcing the latter to a cloud LLM. It introduces a hybrid framework with a BERT-based obfuscator, a cloud-based recommender for nonsensitive data, and a local Llama 3.2 deobfuscator to recover utility for sensitive items, merging results into a final list. Through experiments on real e-commerce datasets, the method achieves near-baseline utility while significantly reducing privacy leakage, with BERT-based obfuscation plus on-device deobfuscation offering the best privacy-utility balance. The approach is demonstrated to run efficiently on consumer hardware, making private, LLM-powered recommendations practical for real-world use. The work also provides detailed metrics for utility and privacy, analyzes category distribution alignment, and discusses computational overhead and limitations that guide future improvements.

Abstract

Large Language Model (LLM)-based recommendation systems leverage powerful language models to generate personalized suggestions by processing user interactions and preferences. Unlike traditional recommendation systems that rely on structured data and collaborative filtering, LLM-based models process textual and contextual information, often using cloud-based infrastructure. This raises privacy concerns, as user data is transmitted to remote servers, increasing the risk of exposure and reducing control over personal information. To address this, we propose a hybrid privacy-preserving recommendation framework which separates sensitive from nonsensitive data and only shares the latter with the cloud to harness LLM-powered recommendations. To restore lost recommendations related to obfuscated sensitive data, we design a de-obfuscation module that reconstructs sensitive recommendations locally. Experiments on real-world e-commerce datasets show that our framework achieves almost the same recommendation utility with a system which shares all data with an LLM, while preserving privacy to a large extend. Compared to obfuscation-only techniques, our approach improves HR@10 scores and category distribution alignment, offering a better balance between privacy and recommendation quality. Furthermore, our method runs efficiently on consumer-grade hardware, making privacy-aware LLM-based recommendation systems practical for real-world use.
Paper Structure (65 sections, 11 equations, 2 figures, 7 tables)

This paper contains 65 sections, 11 equations, 2 figures, 7 tables.

Figures (2)

  • Figure 1: High-level overview of the system.
  • Figure 2: Overview of different components of privacy-preserving recommendation system. The user query ($Q$) and purchase history ($\mathcal{P}$) are the inputs to the system. $\mathcal{P}$ is processed by the obfuscator, which classifies products into sensitive ($P_s$) and nonsensitive ($P_{ns}$) categories. $Q$ and $P_{ns}$ are sent to the server-side LLM recommender, while $P_s$ is processed locally using deobfuscator module. The final recommendation set is obtained by combining the locally processed sensitive recommendations ($R_s$) with the server-generated nonsensitive recommendations $R_{ns}$.