The gold standard for privacy in machine learning, Differential Privacy (DP), is often interpreted through its guarantees against membership inference. However, translating DP budgets into quantitative protection against the more damaging threat of data reconstruction remains a challenging open problem. Existing theoretical analyses of reconstruction risk are typically based on an "identification" threat model, where an adversary with a candidate set seeks a perfect match. When applied to the realistic threat of "…