DA should be enabled to only autodiscover names from directories attached where users have access to.
Szenario:
Imaging there are need to have a set of departmental address books where only members of a defined departmental group are allowed to read and use the stored contact information.
Here you set up ACL to prevent unauthorized access for users who do not have any business need.
This will work perfectly until you add these departmental address book to directory assistance on a Domino Server.
Once added - any user - who is creating a new message can type a name into the to field. DA will provide matching names including those found in a departmental only address book and you can view details of the names found.
This could be reported as an issue related to Data Privacy regulations.
I tried to set a reader field to the document for an additional address book in DA but this doesn't help. DA still provides names and worse details of persons found in other directories I don't have access.
DA should check access level of a user against an added directory at first before providing names, address information and details.
Optionally there should be a "permissions" option in DA for each attached directory :
DirType= public =>available to all users, or
DirType= private => only for defined names/groups
DirType= system => not available to any user but for system services (f.e. LDAP, SMTP)
Well, we modify the template of the secondary directory, and use Extended Directory Catalog for that. It partially makes the trick. We could discuss it. PM me (twitter @dperarnaud)