Geosocial networks like Foursquare have enabled people to conveniently
share their whereabouts with their friends online, such as sharing
check-ins at visited venues.  This information could be utilized by
recommender systems to improve the recommendation accuracy, known as
social recommendations.  However, incorporating social context into
recommender systems introduces new privacy threats to users.  We
design a framework to achieve the benefits of social recommendations
while preserving the privacy of social relations and considering the
business interests of the service provider (SP).  Namely, we propose
that each user manages social relations locally and participates in
computing social recommendations without revealing social relations to
the SP and without the SP revealing proprietary information to a user.
In addition, we identify three classes of inference attacks where the
SP may infer the existence of social relations by monitoring users’
individual check-in histories.  Furthermore, we propose using private
check-ins to defend against such attacks.  Finally, we conduct a
comprehensive performance evaluation over large-scale real-world
datasets.  The results suggest that the proposed privacy-preserving
framework is feasible on a smart phone and only slightly affects the
overall performance of recommender systems.