diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountControl.java
index 32b4e2c3f6..f148b312f6 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountControl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountControl.java
@@ -139,7 +139,7 @@ public class AccountControl {
 default:
 throw new IllegalStateException("Bad AccountVisibility " + accountVisibility);
 }
- return false;
+ return currentUser.getCapabilities().canAdministrateServer();
 }
 private Set groupsOf(Account.Id account) {
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountsCollection.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountsCollection.java
index 4efc65eea6..674046cae8 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountsCollection.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountsCollection.java
@@ -60,6 +60,8 @@ public class AccountsCollection implements
 IdentifiedUser user = _parse(id.get());
 if (user == null) {
 throw new ResourceNotFoundException(id);
+ } else if (!accountControlFactory.get().canSee(user.getAccount())) {
+ throw new ResourceNotFoundException(id);
 }
 return new AccountResource(user);
 }
@@ -102,14 +104,7 @@ public class AccountsCollection implements
 if (matches.size() != 1) {
 return null;
 }
-
- Account.Id a = Iterables.getOnlyElement(matches);
- if (accountControlFactory.get().canSee(a)
- || user.getCapabilities().canAdministrateServer()) {
- return userFactory.create(a);
- } else {
- return null;
- }
+ return userFactory.create(Iterables.getOnlyElement(matches));
 }
 @Override
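Review bot: The new fall-through `return currentUser.getCapabilities().canAdministrateServer();` in the AccountControl hunk makes the administrator capability an override for every caller of this visibility check, and nothing at the return says so. A one-line comment above it, such as `// Administrators may see every account, whatever accountVisibility is set to.`, would keep a later edit from quietly reverting it to `return false`. Because the check sits after the switch, the visibility-mode branches still run for an administrator before the override is reached; whether that matters depends on the part of the method above the hunk, which is not visible here.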
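Review bot: In the AccountsCollection hunk at -60, the added `else if` branch throws the same `ResourceNotFoundException(id)` as the `user == null` branch, and the reason for answering "not found" rather than "forbidden" is not written down. Giving the same error for a missing account and an invisible one looks deliberate, since it keeps the response from revealing which accounts exist; a comment such as `// Hidden accounts are reported as not found so the response does not reveal that they exist.` would protect that choice. The two branches could also be a single condition, `if (user == null || !accountControlFactory.get().canSee(user.getAccount())) {`. The enclosing method starts outside the hunk.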
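Review bot: After the AccountsCollection hunk at -102, `_parse` returns `userFactory.create(...)` for any single match with no visibility check, so the filtering that used to live here now depends on each caller invoking `canSee` itself. Only `parse` is shown doing so; any other caller of `_parse` (none is visible in this diff) would now hand back accounts the current user may not be allowed to see. A comment on the method, for example `// Does not check visibility; callers must check AccountControl.canSee() on the result.`, would make the contract explicit, and a test that a non-administrator gets ResourceNotFoundException for a hidden account would pin it. The start of `_parse` is outside the hunk.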