diff --git a/calendar/inc/class.calendar_bo.inc.php b/calendar/inc/class.calendar_bo.inc.php
index 1cf60f0a3f..e02786d5c1 100644
--- a/calendar/inc/class.calendar_bo.inc.php
+++ b/calendar/inc/class.calendar_bo.inc.php
@@ -772,6 +772,8 @@ class calendar_bo
 	function read($ids,$date=null,$ignore_acl=False,$date_format='ts')
 	{
 		if ($date) $date = $this->date2ts($date);
+		
+		$return = null;
 
 		if ($ignore_acl || is_array($ids) || ($return = $this->check_perms(EGW_ACL_READ,$ids,0,$date_format,$date)))
 		{
@@ -991,7 +993,7 @@ class calendar_bo
 		{
 			if (!is_array($event))
 			{
-				$event = $this->read($event,$date_to_read,True,$date_format);	// = no ACL check !!!
+				$event = $this->read($event,$date_to_read,true,$date_format);	// = no ACL check !!!
 			}
 			if (!is_array($event))
 			{
diff --git a/calendar/inc/class.calendar_groupdav.inc.php b/calendar/inc/class.calendar_groupdav.inc.php
index 58579b184f..ff73b16701 100644
--- a/calendar/inc/class.calendar_groupdav.inc.php
+++ b/calendar/inc/class.calendar_groupdav.inc.php
@@ -470,7 +470,7 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 	{
 		if ($this->debug) error_log(__METHOD__."($id, $user)".print_r($options,true));
 
-		$return_no_access=true;	// as handled by importVCal anyway and allows it to set the status for participants
+		$return_no_access = true;	// as handled by importVCal anyway and allows it to set the status for participants
 		$oldEvent = $this->_common_get_put_delete('PUT',$options,$id,$return_no_access);
 		if (!is_null($oldEvent) && !is_array($oldEvent))
 		{
@@ -667,7 +667,13 @@ error_log(__METHOD__."($path,,".array2string($start).") filter=".array2string($f
 	function read($id)
 	{
 		if ($this->debug > 1) error_log("bo-ical read  :$id:");
-		return $this->bo->read($id,null,false,'server');
+		if (!($retval = $this->bo->check_perms(EGW_ACL_FREEBUSY, $id, 0, 'server'))) return $retval;
+		$event = $this->bo->read($id, null, true, 'server');
+		if (!$this->bo->check_perms(EGW_ACL_READ, $id, 0, 'server'))
+		{
+			$this->bo->clear_private_infos($event, array($this->bo->user, $event['owner']));
+		}
+		return $event;
 	}
 
 	/**