🤖 AI Summary
This work addresses the lack of tight privacy auditing methods for existing differentially private synthetic data generators, such as MST and AIM. It proposes the first auditing framework tailored to strong-privacy regimes. The framework is based on Gaussian Differential Privacy (GDP), which enables a precise characterization of the trade-off between false positives and false negatives. It yields a tight empirical estimate of the worst-case privacy loss incurred by MST and AIM, substantially narrowing the gap between theoretical privacy guarantees and practical performance. Experimental results demonstrate the framework's effectiveness and tightness: under a nominal privacy setting of $(\varepsilon, \delta) = (1, 10^{-2})$, the empirically measured privacy parameter is $\mu_{\text{emp}} \approx 0.43$, closely aligning with the theoretical GDP parameter $\mu = 0.45$.
📝 Abstract
State-of-the-art Differentially Private (DP) synthetic data generators such as MST and AIM are widely used, yet tightly auditing their privacy guarantees remains challenging. We introduce a Gaussian Differential Privacy (GDP)-based auditing framework that measures privacy via the full false-positive/false-negative tradeoff. Applied to MST and AIM under worst-case settings, our method provides the first tight audits in the strong-privacy regime. For $(\varepsilon,\delta)=(1,10^{-2})$, we obtain $\mu_{\text{emp}}\approx 0.43$ vs. implied $\mu=0.45$, showing a small theory-practice gap.
Our code is publicly available: https://github.com/sassoftware/dpmm.
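The false-positive/false-negative tradeoff the abstract refers to can be turned into an empirical $\mu$ as follows. This is an added example, not code from the paper or from dpmm: it uses the standard $\mu$-GDP trade-off curve $\text{FNR} \ge \Phi(\Phi^{-1}(1-\text{FPR}) - \mu)$, and the Clopper-Pearson intervals, function names and attack counts are assumptions constructed for illustration.

```python
import math
from statistics import NormalDist

PHI = NormalDist()  # standard normal: cdf is Phi, inv_cdf is Phi^{-1}

def binom_cdf(k, n, p):
    """P[X <= k] for X ~ Binomial(n, p), summed in log space so large n is safe."""
    def log_pmf(i):
        return (math.lgamma(n + 1) - math.lgamma(i + 1) - math.lgamma(n - i + 1)
                + i * math.log(p) + (n - i) * math.log1p(-p))
    return sum(math.exp(log_pmf(i)) for i in range(k + 1))

def cp_upper(k, n, alpha):
    """One-sided Clopper-Pearson upper bound on an error rate (k errors in n trials)."""
    if k >= n:
        return 1.0
    lo, hi = k / n, 1.0
    for _ in range(60):  # bisect for the p at which P[X <= k] falls to alpha
        mid = (lo + hi) / 2
        if binom_cdf(k, n, mid) > alpha:
            lo = mid
        else:
            hi = mid
    return hi

def gdp_tradeoff(fpr, mu):
    """Smallest FNR any membership test can reach at this FPR under mu-GDP."""
    return PHI.cdf(PHI.inv_cdf(1 - fpr) - mu)

def mu_from_rates(fpr, fnr):
    """Smallest mu consistent with an attack operating at (fpr, fnr), rates in (0, 1)."""
    if fpr + fnr >= 1:  # no better than random guessing: nothing is certified
        return 0.0
    return PHI.inv_cdf(1 - fpr) - PHI.inv_cdf(fnr)

def mu_lower_bound(fp, n_out, fn, n_in, confidence=0.95):
    """Lower bound on mu from attack error counts; the confidence budget is
    split across the two rates (union bound)."""
    a = (1 - confidence) / 2
    return mu_from_rates(cp_upper(fp, n_out, a), cp_upper(fn, n_in, a))

if __name__ == "__main__":
    # Constructed counts: 1000 runs without the target record, 1000 runs with it.
    fp, n_out, fn, n_in = 400, 1000, 430, 1000
    print("point estimate of mu:", round(mu_from_rates(fp / n_out, fn / n_in), 3))
    print("95% lower bound on mu:", round(mu_lower_bound(fp, n_out, fn, n_in), 3))
```

The confidence-adjusted bound sits below the point estimate and tightens as the number of audit trials grows.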