Teams bypassing EXO Address Book Policy Address Segmentation

I'm running into a strange problem with Microsoft Teams and Exchange Online Address Book Policies. There have been posts about preventing students from emailing faculty members, and similar situations, and using Address Book Policies to prevent that.

So consider the situation where I have a Faculty Group and a Student Group. I've set up Address Book Policies for both groups, and applied them. Fine. Only Faculty appears in the Faculty members' address lists, and only Students appear in the Students' address lists. That all works.

However... it seems that if we're using Microsoft Teams, Address Book Policies can be easily bypassed.

Consider the situation where a Microsoft Team exists, with a faculty person (or people) as the team owner, and students as team members. When that happens, when such a team exists, the student can create a new chat, and do a search in the Teams client, and locate that faculty member. If the student then clicks the search result to actually add the faculty member to the chat, the student can then hover over the added faculty member and view their email address and contact information right from their mailbox record. This is possible, by the way, even with Role-based chat controls enabled, and even when the faculty member is set to be hidden from address lists tenant-wide. In just a few clicks, a member of one segment can access the address of a member of another segment simply because they're in a team together. (And from there, it's easy for the student to open EXO OWA and link to the faculty person through their own contact card under the organization/works-with section.)

I've followed the procedures and verified that Address Book Segmentation is otherwise working perfectly - this seems to be something of a "back door" to let segmented users view the addresses of users in other address book segments, just because they happen to share a Team relationship.

Has anyone else encountered this? Is there a way to prevent this? Am I just confused?

Best response confirmed by GlenB (Brass Contributor)

@GlenB

Address book policies (ABPs) allow you to segment users into specific groups to give them customized global address lists (GALs) in Outlook and Outlook on the web.

Turn on address book policy routing in Exchange Online | Microsoft Docs

To actually prevent them from actually contacting each other, for example over Teams or Exchange, and ensure consistency over the services, you will want to implement information barriers. In the Exchange world, IB is based on the ABP.

Learn about information barriers - Microsoft Purview (compliance) | Microsoft Docs

Hope that helps and answers your question.

Best, Chris
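
One way to set up the information barriers the reply recommends, shown as an added example that is not part of the original thread. The segment names, policy names, the sample addresses, and the assumption that each user's Department attribute is set to `Faculty` or `Student` are all hypothetical; adjust the filters to whatever attribute actually distinguishes the two groups in your directory.

```powershell
# Added example, not from the thread. Assumed: Department attribute values,
# segment/policy names, and the two sample mailboxes used in the final check.

# Information barrier cmdlets live in Security & Compliance PowerShell
# (ExchangeOnlineManagement module).
Connect-IPPSSession

# 1. Define one segment per population. A user should match only one segment.
New-OrganizationSegment -Name 'Faculty'  -UserGroupFilter "Department -eq 'Faculty'"
New-OrganizationSegment -Name 'Students' -UserGroupFilter "Department -eq 'Student'"

# 2. Create block policies in BOTH directions, inactive at first so they can
#    be reviewed before anything changes for users.
New-InformationBarrierPolicy -Name 'Students-Block-Faculty' `
    -AssignedSegment 'Students' -SegmentsBlocked 'Faculty' -State Inactive
New-InformationBarrierPolicy -Name 'Faculty-Block-Students' `
    -AssignedSegment 'Faculty' -SegmentsBlocked 'Students' -State Inactive

# 3. Review what was defined.
Get-OrganizationSegment      | Format-Table Name, UserGroupFilter
Get-InformationBarrierPolicy | Format-Table Name, AssignedSegment, SegmentsBlocked, State

# 4. Activate the policies, then start the tenant-wide application job.
Set-InformationBarrierPolicy -Identity 'Students-Block-Faculty' -State Active
Set-InformationBarrierPolicy -Identity 'Faculty-Block-Students' -State Active
Start-InformationBarrierPoliciesApplication

# 5. Application runs asynchronously; poll until it reports completion.
Get-InformationBarrierPoliciesApplicationStatus

# 6. Spot-check a pair of users (placeholder addresses) to confirm the
#    segments and policies that now apply between them.
Get-InformationBarrierRecipientStatus `
    -Identity  'student1@contoso.example' `
    -Identity2 'faculty1@contoso.example'
```

Segments that block each other also cannot be members of the same team, so a faculty-owned team with student members conflicts with this policy pair; test against existing class teams before activating. Microsoft's getting-started guidance for information barriers also addresses existing ABPs, so check it before applying this in a tenant that already has them.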
