Algorithms recommend products when we shop online or suggest songs we might like when we listen to music on streaming apps.
These algorithms work by using personal information such as our past purchases and browsing history to generate personalized recommendations. The sensitive nature of this data makes preserving privacy extremely important, but existing methods to solve this problem rely on heavy cryptographic tools requiring huge amounts of computation and bandwidth.
MIT researchers may have a better solution. They have developed a privacy protection protocol that is so effective that it can run on a smartphone on a very slow network. Their technique protects personal data while ensuring the accuracy of the results of the recommendations.
In addition to user privacy, their protocol minimizes the unauthorized transfer of information from the database, known as leaking, even if a malicious agent attempts to trick a database into revealing secret information.
The new protocol could be particularly useful in situations where data leaks could violate user privacy laws, such as when a health care provider uses a patient’s medical history to search a database of medical records. other patients with similar symptoms or when a company serves targeted advertisements to users under EU Privacy Regulations.
“It’s a really difficult problem. We relied on a whole series of cryptographic and algorithmic tricks to arrive at our protocol,” says Sacha Servan-Schreiber, a graduate student at the Computer Science and Artificial Intelligence Laboratory (CSAIL ) and main author of the article presenting this new protocol.
Servan-Schreiber authored the paper with fellow CSAIL graduate student Simon Langowski and their advisor and lead author Srinivas Devadas, Edwin Sibley Webster Professor of Electrical Engineering. The research will be presented at the IEEE Symposium on Security and Privacy.