Previously, if view access to a resource (entity) was denied for the current user, you would get a 403 response if you were GETting the individual resource or a partial 403 (a 403 in meta.errors) when GETting a resource collection.
Now, if the current user has view label access to a resource (entity), you'll get a 200 response (both individual & collection), with only the label attribute.
Key example: it's always forbidden to view the anonymous user (User entity zero), but view label is allowed. This makes sense: the anonymous user has no profile, we just know it's labeled "anonymous" (and this is configurable).
Which resource types? (entity types)
In Drupal core, there are at the time of writing 3 resource types (entity types) implementing view label access:
user--user(User)menu--menu(Menu)date_format--date__format(DateFormat)
See the Drupal core change record introducing this API in Drupal 8.1.0: https://www.drupal.org/node/2661092.
