F. Tschorsch

S. Nuñez von Voigt, E. Daniel, F. Tschorsch

Recommender systems are widely used. Usually, recommender systems are based on a centralized client-server architecture. However, this approach implies drawbacks regarding the privacy of users. In this paper, we propose a distributed reciprocal recommender system with strong, self-determined privacy guarantees, i.e., local differential privacy. More precisely, users randomize their profiles locally and exchange them via a peer-to-peer network. Recommendations are then computed and ranked locally by estimating similarities between profiles. We evaluate recommendation accuracy of a job recommender system and demonstrate that our method provides acceptable utility under strong privacy requirements.

S. Nuñez von Voigt, S. A. Fahrenkrog-Petersen, D. Janssen et al.

Event logs recorded during the execution of business processes constitute a valuable source of information. Applying process mining techniques to them, event logs may reveal the actual process execution and enable reasoning on quantitative or qualitative process properties. However, event logs often contain sensitive information that could be related to individual process stakeholders through background information and cross-correlation. We therefore argue that, when publishing event logs, the risk of such re-identification attacks must be considered. In this paper, we show how to quantify the re-identification risk with measures for the individual uniqueness in event logs. We also report on a large-scale study that explored the individual uniqueness in a collection of publicly available event logs. Our results suggest that potentially up to all of the cases in an event log may be re-identified, which highlights the importance of privacy-preserving techniques in process mining.