diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php
index ba5d4d5..aaeb6b8 100644
--- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php
+++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php
@@ -40,7 +40,10 @@ class EntityAccessControlHandler extends EntityHandlerBase implements EntityAcce
 protected $entityType;

 /**
- * Allow access to entity label.
+ * Allows to grant access to just the labels.
+ *
+ * By default, the "view label" operation falls back to "view". Set this to
+ * TRUE to allow returning different access when just listing entity labels.
 *
 * @var bool
 */
@@ -88,7 +91,6 @@ public function access(EntityInterface $entity, $operation, AccountInterface $ac
 // Also execute the default access check except when the access result is
 // already forbidden, as in that case, it can not be anything else.
 if (!$return->isForbidden()) {
-
 if ($operation == 'view label' && $this->viewLabelOperation == FALSE) {
 $operation = 'view';
 }
diff --git a/core/modules/link/src/Tests/LinkFieldTest.php b/core/modules/link/src/Tests/LinkFieldTest.php
index 86d205d..2d6ead1 100644
--- a/core/modules/link/src/Tests/LinkFieldTest.php
+++ b/core/modules/link/src/Tests/LinkFieldTest.php
@@ -10,9 +10,9 @@
 use Drupal\Component\Utility\Html;
 use Drupal\Component\Utility\Unicode;
 use Drupal\Core\Url;
+use Drupal\entity_test\Entity\EntityTest;
 use Drupal\link\LinkItemInterface;
 use Drupal\simpletest\WebTestBase;
-use Drupal\user\Entity\User;

 /**
 * Tests link field widgets and formatters.
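Review bot: The new docblock on `$viewLabelOperation` in EntityAccessControlHandler.php (hunk at line 40) explains the fallback but not the obligation that comes with opting out of it. Judging by the `access()` context in the following hunk, once the flag is TRUE the operation is no longer rewritten to `view`, so the handler's own access logic receives `view label` as a distinct operation; whether a handler that ignores that operation ends up more or less permissive than its `view` check is not visible in this diff. I would add a sentence such as `Handlers that set this to TRUE must handle the "view label" operation explicitly in checkAccess().` and reword the summary to `Whether access to an entity's label is checked separately from "view".`, since "Allows to grant" is not grammatical. The same summary line is repeated on the override in EntityTestAccessControlHandler.php and would take the same wording.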
@@ -98,8 +98,11 @@ function testURLValidation() {
 // Create a node to test the link widget.
 $node = $this->drupalCreateNode();

- // Get the user 1 account.
- $admin_account = User::load(1);
+ // Create an entity with restricted view access.
+ $entity_test_no_label_access = EntityTest::create([
+ 'name' => 'forbid_access',
+ ]);
+ $entity_test_no_label_access->save();

 // Define some valid URLs (keys are the entered values, values are the
 // strings displayed to the user).
@@ -129,8 +132,8 @@ function testURLValidation() {
 $node->label() . ' (1)' => $node->label() . ' (1)',
 // Entity URI displayed as ER autocomplete value when displayed in a form.
 'entity:node/1' => $node->label() . ' (1)',
- // Account labels are not treated as confidential information.
- 'entity:user/1' => $admin_account->label() . ' (1)',
+ // URI for an entity that exists, but is not accessible by the user.
+ 'entity:entity_test/' . $entity_test_no_label_access->id() => '- Restricted access - (' . $entity_test_no_label_access->id() . ')',
 // URI for an entity that doesn't exist, but with a valid ID.
 'entity:user/999999' => 'entity:user/999999',
 );
diff --git a/core/modules/system/src/Tests/Entity/EntityAccessControlHandlerTest.php b/core/modules/system/src/Tests/Entity/EntityAccessControlHandlerTest.php
index 3833476..1f61e04 100644
--- a/core/modules/system/src/Tests/Entity/EntityAccessControlHandlerTest.php
+++ b/core/modules/system/src/Tests/Entity/EntityAccessControlHandlerTest.php
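Review bot: In testURLValidation() (hunk at line 98) the comment `// Create an entity with restricted view access.` does not say where the restriction comes from: nothing in the test denies access, so it presumably relies on the entity_test access handler treating the name `forbid_access` specially, and that condition is not visible in this diff. A reader changing the handler has no pointer back to this test, so I would spell the dependency out, e.g. `// The entity_test access handler is expected to forbid every operation, including 'view label', for entities named 'forbid_access'.` The variable is called `$entity_test_no_label_access` and the hunk at line 129 expects `- Restricted access -`, which is the label case, so the comment should speak of label access rather than view access. The function body starts and ends outside both hunks.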
@@ -55,15 +55,18 @@ function testEntityAccess() {
 'update' => FALSE,
 'delete' => FALSE,
 'view' => TRUE,
+ 'view label' => TRUE,
 ), $entity);

- // The custom user is not allowed to perform any operation on test entities.
+ // The custom user is not allowed to perform any operation on test entities,
+ // except for viewing their label.
 $custom_user = $this->createUser();
 $this->assertEntityAccess(array(
 'create' => FALSE,
 'update' => FALSE,
 'delete' => FALSE,
 'view' => FALSE,
+ 'view label' => TRUE,
 ), $entity, $custom_user);
 }

diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php
index bdc3785..ba72392 100644
--- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php
+++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php
@@ -26,6 +26,13 @@
 class EntityTestAccessControlHandler extends EntityAccessControlHandler {

 /**
+ * Allows to grant access to just the labels.
+ *
+ * @var bool
+ */
+ protected $viewLabelOperation = TRUE;
+
+ /**
 * {@inheritdoc}
 */
 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
@@ -37,7 +44,11 @@ protected function checkAccess(EntityInterface $entity, $operation, AccountInter
 return AccessResult::forbidden();
 }

- if ($operation === 'view') {
+ if ($operation === 'view label') {
+ // Viewing the label of test entities is always allowed.
+ return AccessResult::allowed();
+ }
+ elseif ($operation === 'view') {
 if (!$entity->isDefaultTranslation()) {
 return AccessResult::allowedIfHasPermission($account, 'view test entity translations');
 }
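Review bot: Both assertions added to testEntityAccess() in EntityAccessControlHandlerTest.php expect `'view label' => TRUE`, so this test never exercises a denial of the new operation. For an access-control change the deny path is the one worth pinning: an entity the handler forbids should be asserted with `'view label' => FALSE,` in its own `assertEntityAccess()` call, so a regression that exposes labels fails here rather than only in a UI test. Within this diff that case is covered only indirectly, through the `- Restricted access -` string in LinkFieldTest. Other methods of the test class are outside the hunk and may already cover it; the body of testEntityAccess() also starts before the hunk.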
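Review bot: The comment `// Viewing the label of test entities is always allowed.` in checkAccess() (EntityTestAccessControlHandler.php, hunk at line 37) overstates what the code does: the new branch sits after the `return AccessResult::forbidden();` visible in the context lines, so whatever condition guards that return still blocks `view label`. LinkFieldTest in this commit appears to depend on that ordering for its `- Restricted access -` expectation, so moving the branch above the early return would expose labels without any handler test failing. I would make the dependency explicit, e.g. `// Label access is granted unconditionally, but only to entities not forbidden above; keep this branch after that check.` The guard's condition and the rest of checkAccess() are outside the hunk.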