We have a project in which multiple clients can enter issues, however using Issue Security Levels they cannot see each other's issues. This is great, and what we want.

However, we also wanted to set up a notification scheme in which users of ONE of the groups would get notifications when any of their issues were touched. Unfortunately what appears to happen is that they will get emails for issues that are in Issue Security levels they are not allowed to see! In other words, once we add the group to be notified, that group gets notifications even for issues they cannot see.

Having Jira check Issue security before notifying to be sure the user is allowed to see the issue would be a great enhancement.