diff --git a/pount/apps/api/tests/api/test_item.py b/pount/apps/api/tests/api/test_item.py
index 2b2247f4e537d5950ef0cb38f337372f36991665..14b493fb0eb0ce292f13683cf43cf8a159dfbf7c 100644
--- a/pount/apps/api/tests/api/test_item.py
+++ b/pount/apps/api/tests/api/test_item.py
@@ -290,7 +290,7 @@ class ViewItemTest(SetUpMixin, APITestCase):
         user = User.objects.create_user("user")
         self.client.force_login(user)
         response = self.client.get(reverse("item-detail", kwargs={"pk": self.private_item.pk}))
-        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
 
     def test_set_must_be_public_to_view_public_item(self):
         self.public_item.set = self.set
diff --git a/pount/apps/api/tests/api/test_item_export.py b/pount/apps/api/tests/api/test_item_export.py
index eb9aa0098c2f82e2bc5c1c87db27487445d5922b..633e9d2d14d0ab6acdb19740e5b2cc9da3b9d567 100644
--- a/pount/apps/api/tests/api/test_item_export.py
+++ b/pount/apps/api/tests/api/test_item_export.py
@@ -108,7 +108,7 @@ class XmlExportTest(SetUpMixin, APITestCase):
     def test_other_project_member_can_not_export_xml(self):
         self.client.force_login(self.project2_member)
         response = self._get_response()
-        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
 
     def test_view_returns_exported_datacite_xml(self):
         self.client.force_login(self.creator)
diff --git a/pount/apps/api/views/item.py b/pount/apps/api/views/item.py
index c17f41747489692808be71530169b5bd20f290e0..dbd622e0282df59fef6884149a71bea3d2539df0 100644
--- a/pount/apps/api/views/item.py
+++ b/pount/apps/api/views/item.py
@@ -49,7 +49,8 @@ class ItemViewSet(ThumbnailMixin, viewsets.ModelViewSet):
 
     def get_queryset(self):
         queryset = super().get_queryset()
-        queryset = queryset.is_public_or_user_is_project_member(self.request.user)
+        # There is no need to filter. If the user has access to the set, they can access the items
+        # queryset = queryset.is_public_or_user_is_project_member(self.request.user)
         if self.action == "retrieve":
             # we need the parent objects to determine if it can be shared
             queryset = queryset.select_related("set", "set__project")
diff --git a/pyproject.toml b/pyproject.toml
index 6537df4a84af2985e394bc9b451eebff5af9ab82..1ddedd4ee518027fc60ba6d5765281cd58c89c0b 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -23,7 +23,7 @@ extend_skip_glob = ["pount/apps/*/migrations/*"]
 
 [tool.poetry]
 name = "pount-api"
-version = "3.1.8"
+version = "3.1.9"
 description = ""
 authors = ["DIP - Université de Strasbourg <dnum-dip@unistra.fr>"]
 readme = "README.md"
diff --git a/setup.py b/setup.py
index 7126bc9d2a66f5cf092aa0d318e4b41fa79818c9..96f29dfd613a5b5d69c929a853c60eba6f00d962 100644
--- a/setup.py
+++ b/setup.py
@@ -1,7 +1,7 @@
 from setuptools import find_packages, setup
 
 NAME = "Pount"
-VERSION = "3.1.8"
+VERSION = "3.1.9"
 
 
 setup(