Structure DC introduced author filters for worklog columns. Unfortunatly, not all columns respect the rights from Tempo Timesheets so if users have only read access to a structure with issues they can effectivly build timesheets for other users, even if this is effectivly forbidden in Tempo Timesheets through Team permissions or View all worklogs project permissions.

This is a huge issue for us as it goes against our Privacy/DSGVO/Union regulations and is prohibitive to a further rollout for structure.

From what I gathered the "Tempo Work Logged" column behaves correctly and respects the permissions.

On the other hand, the standard "Work Logged" column and it's Sum variant allow a "Logged by" filter without any restrictions and I would be able to build time sheets with that.
In addition, the formula column also allows filtering of worklogs by author through "worklogs.FILTER($.author = "authorname").MAP(w -> w.timeSpent).REDUCE((a, b) -> a + b)" and sum over subitems.

To be compliant, at a minimum we would need to disable the "Logged by" filter from the "Work Logged" column and access to worklog.author in formulas.

Our prefered solution would be that Structure completely respects the permissions set by Tempo Timesheets and everybody can only see what they are allowed to.

Another, very minimal, option would be to have an actual read-only permission on Structures that would only allow the usage of saved views and would not allow a user to configure their own columns and therefore be able to access issue data that we would not want them to access.