diff --git a/controllers/account.go b/controllers/account.go
index cc40fd71..b725733a 100644
--- a/controllers/account.go
+++ b/controllers/account.go
@@ -273,6 +273,9 @@ func (c *ApiController) GetAccount() {
 
 	object.ExtendUserWithRolesAndPermissions(user)
 
+	user.Permissions = object.GetMaskedPermissions(user.Permissions)
+	user.Roles = object.GetMaskedRoles(user.Roles)
+
 	organization := object.GetMaskedOrganization(object.GetOrganizationByUser(user))
 	resp := Response{
 		Status: "ok",
diff --git a/object/permission.go b/object/permission.go
index 56f28ed0..5a92f095 100644
--- a/object/permission.go
+++ b/object/permission.go
@@ -269,3 +269,12 @@ func ContainsAsterisk(userId string, users []string) bool {
 
 	return containsAsterisk
 }
+
+func GetMaskedPermissions(permissions []*Permission) []*Permission {
+	for _, permission := range permissions {
+		permission.Users = nil
+		permission.Submitter = ""
+	}
+
+	return permissions
+}
diff --git a/object/role.go b/object/role.go
index 36b2290f..0fef7a92 100644
--- a/object/role.go
+++ b/object/role.go
@@ -192,3 +192,11 @@ func roleChangeTrigger(oldName string, newName string) error {
 
 	return session.Commit()
 }
+
+func GetMaskedRoles(roles []*Role) []*Role {
+	for _, role := range roles {
+		role.Users = nil
+	}
+
+	return roles
+}