diff --git a/mozilla/webtools/bugzilla/.bzrrev b/mozilla/webtools/bugzilla/.bzrrev
index 0a107d004aa..fbd458fcd76 100644
--- a/mozilla/webtools/bugzilla/.bzrrev
+++ b/mozilla/webtools/bugzilla/.bzrrev
@@ -1 +1 @@
-8848
\ No newline at end of file
+8849
\ No newline at end of file
diff --git a/mozilla/webtools/bugzilla/Bugzilla/Bug.pm b/mozilla/webtools/bugzilla/Bugzilla/Bug.pm
index f0476c898ce..b4e8c361a57 100644
--- a/mozilla/webtools/bugzilla/Bugzilla/Bug.pm
+++ b/mozilla/webtools/bugzilla/Bugzilla/Bug.pm
@@ -3872,6 +3872,15 @@ sub get_activity {
         && $include_comment_tags
         && !$attach_id)
     {
+        # Only includes comment tag activity for comments the user is allowed to see.
+        $suppjoins = "";
+        $suppwhere = "";
+        if (!Bugzilla->user->is_insider) {
+            $suppjoins = "INNER JOIN longdescs
+                          ON longdescs.comment_id = longdescs_tags_activity.comment_id";
+            $suppwhere = "AND longdescs.isprivate = 0";
+        }
+
         $query .= "
             UNION ALL
             SELECT 'comment_tag' AS name,
@@ -3883,8 +3892,10 @@ sub get_activity {
                    longdescs_tags_activity.comment_id as comment_id
               FROM longdescs_tags_activity
                    INNER JOIN profiles ON profiles.userid = longdescs_tags_activity.who
+                   $suppjoins
              WHERE longdescs_tags_activity.bug_id = ?
                    $datepart
+                   $suppwhere
         ";
         push @args, $self->id;
         push @args, $starttime if defined $starttime;