I am curious how everyone else is addressing this - when you have several page parameters that get passed into the URL, if, for whatever reason, the user deletes or changes a portion of the url, it could result in the page missing critical content and could even be a security issue. It can get really complicated setting up conditionals on groups when there are several URL parameters with different various - what is your solution if a user starts playing around with your parameter-heavy URL?
Privacy rules are the thing to use for security, not url parameters. I mean that if you choose to display a group based on a URL parameters this is ok, but the data inside this group should show based on privacy rules. You should also have a default display page / conditionnal rules if the url parameters are missing or wrong.