diff --git a/core/modules/comment/src/CommentAccessControlHandler.php b/core/modules/comment/src/CommentAccessControlHandler.php
index 531a812..8df7b1e 100644
--- a/core/modules/comment/src/CommentAccessControlHandler.php
+++ b/core/modules/comment/src/CommentAccessControlHandler.php
@@ -108,9 +108,10 @@ protected function checkFieldAccess($operation, FieldDefinitionInterface $field_
 if ($operation == 'view') {
 // Admins can view any fields, other users need both the "access comments"
- // permission and for the comment to be published.
+ // permission and for the comment to be published. The mail field is
+ // hidden from non-admins.
 $admin_access = AccessResult::allowedIfHasPermission($account, 'administer comments');
- $anonymous_access = AccessResult::allowedIf($account->hasPermission('access comments') && $entity->isPublished())
+ $anonymous_access = AccessResult::allowedIf($account->hasPermission('access comments') && $entity->isPublished() && $field_definition->getName() != 'mail')
 ->cacheUntilEntityChanges($entity);
 return $admin_access->orIf($anonymous_access);
 }
diff --git a/core/modules/comment/src/Tests/CommentFieldAccessTest.php b/core/modules/comment/src/Tests/CommentFieldAccessTest.php
index 4b00397..2feedbe 100644
--- a/core/modules/comment/src/Tests/CommentFieldAccessTest.php
+++ b/core/modules/comment/src/Tests/CommentFieldAccessTest.php
@@ -273,6 +273,11 @@ public function testAccessToAdministrativeFields() {
 ]));
 }
 }
+ foreach ($permutations as $set) {
+ // Check no view-access to mail field for other than admin.
+ $may_view = $set['comment']->mail->access('view', $set['user']);
+ $this->assertEqual($may_view, $set['user']->hasPermission('administer comments'));
+ }
 }
 }
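Review bot: The new field-name test on the `$anonymous_access` line uses loose `!=`; a strict comparison is the safer idiom for an access decision, `$field_definition->getName() !== 'mail'`. The same line also folds `$account->hasPermission('access comments')` into a plain boolean, so the resulting access result only carries the entity dependency from `cacheUntilEntityChanges($entity)` and not a per-permission cache context; that is pre-existing, but since the line is being rewritten it would be worth adding `->cachePerPermissions()` to the chain so the mail-hiding result is not cached across users with different permissions. The enclosing `checkFieldAccess()` starts outside the hunk, so I cannot see whether the non-view branches apply an equivalent restriction to `mail`.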
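Review bot: The added assertion in the new `foreach` loop uses `assertEqual`, which compares loosely, and gives no message, so a failure will not say which user/comment permutation leaked the mail field. Since `access('view', ...)` here yields a boolean, a strict assertion with a message would make the test both tighter and diagnosable, e.g. `$this->assertIdentical($may_view, $set['user']->hasPermission('administer comments'), 'Mail field view access matches administer comments for user ' . $set['user']->id());`. The loop's comment says "no view-access ... for other than admin" but the assertion also pins that admins do see the field; consider rewording the comment to "Only users with 'administer comments' may view the mail field." The enclosing `testAccessToAdministrativeFields()` starts outside the hunk, so whether `$permutations` also covers unpublished comments is not visible here.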