🤖 AI Summary
Existing accuracy-first differential privacy (DP) frameworks support adaptive privacy budget allocation but largely violate post-processing immunity—a fundamental property ensuring privacy guarantees are preserved under arbitrary post-hoc transformations. We observe that the only definition satisfying this property, “pure ex-post privacy,” lacks practical primitives, such as analogues of the Gaussian mechanism or algorithms for accuracy evaluation on private validation sets. To bridge this gap, we propose a novel accuracy-first definition grounded in Rényi differential privacy (RDP), the first to simultaneously ensure post-processing immunity and practical utility. We design an RDP-compliant Gaussian-type mechanism and a private validation-set accuracy estimation algorithm. In synthetic data generation, our framework dynamically allocates privacy budget until a user-specified accuracy threshold is met—thereby reconciling rigorous theoretical privacy with real-world applicability.
📝 Abstract
The accuracy-first perspective of differential privacy addresses an important shortcoming by allowing a data analyst to adaptively adjust the quantitative privacy bound instead of sticking to a predetermined bound. Existing works on the accuracy-first perspective have neglected an important property of differential privacy known as post-processing immunity, which ensures that an adversary is not able to weaken the privacy guarantee by post-processing. We address this gap by determining which existing definitions in the accuracy-first perspective have post-processing immunity, and which do not. The only definition with post-processing immunity, pure ex-post privacy, lacks useful tools for practical problems, such as an ex-post analogue of the Gaussian mechanism, and an algorithm to check if accuracy on a separate private validation set is high enough. To address this, we propose a new definition based on Rényi differential privacy that has post-processing immunity, and we develop the basic theory and tools needed for practical applications. We demonstrate the practicality of our theory with an application to synthetic data generation, where our algorithm successfully adjusts the privacy bound until an accuracy threshold is met on a private validation dataset.
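The following is an added illustration of the accuracy-first setting the abstract describes, not the paper's own mechanism or code: a standard RDP accountant for Gaussian releases and a naive loop that keeps spending budget on fresh, less noisy releases until an accuracy threshold is met, so that the final privacy bound is only known ex post. It assumes the validation mean is public; the privacy cost of checking accuracy against a private validation set is exactly the gap the paper's tools address and is not modelled here.

```python
"""Added illustration (not the paper's mechanism): RDP accounting for Gaussian
releases and an accuracy-first loop whose spent budget is an ex-post quantity.
Assumes the validation mean is public, so the accuracy check itself is free."""
import math
import random


def gaussian_rdp(alpha: float, sigma: float, sensitivity: float = 1.0) -> float:
    """RDP bound of the Gaussian mechanism at order alpha (Mironov, 2017):
    adding N(0, sigma^2) noise to a query with L2 sensitivity `sensitivity`."""
    return alpha * sensitivity ** 2 / (2.0 * sigma ** 2)


def rdp_to_dp(rdp_eps: float, alpha: float, delta: float) -> float:
    """Standard conversion of an (alpha, rdp_eps)-RDP bound to (eps, delta)-DP."""
    return rdp_eps + math.log(1.0 / delta) / (alpha - 1.0)


def accuracy_first_mean(data, validation_mean, threshold, sigmas, alpha, rng):
    """Release the mean of `data` (values in [0, 1]) with successively smaller
    noise until the release is within `threshold` of `validation_mean`.
    Returns (release, RDP spent at order alpha, rounds used).
    Each round adds N(0, sigma^2) to the sum (sensitivity 1) and divides by n;
    the division is post-processing and costs no extra budget. The stopping
    rule depends on the data, so the total spent is only known after the run."""
    n = len(data)
    total = float(sum(data))
    spent = 0.0
    for rounds, sigma in enumerate(sigmas, start=1):
        spent += gaussian_rdp(alpha, sigma)  # RDP composes additively
        release = (total + rng.gauss(0.0, sigma)) / n
        if abs(release - validation_mean) <= threshold:
            break
    return release, spent, rounds


if __name__ == "__main__":
    src = random.Random(1)  # constructed toy data, values in [0, 1]
    data = [src.random() for _ in range(1000)]
    val = [src.random() for _ in range(500)]  # stands in for a public validation set
    schedule = [64.0, 32.0, 16.0, 8.0, 4.0]  # noise std on the sum, shrinking per round
    alpha, delta = 8.0, 1e-5
    rel, spent, used = accuracy_first_mean(data, sum(val) / len(val), 0.03,
                                           schedule, alpha, random.Random(0))
    print(f"release={rel:.4f} rounds={used} RDP(alpha={alpha})={spent:.4f} "
          f"-> eps={rdp_to_dp(spent, alpha, delta):.3f} at delta={delta}")
```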