diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index 23d3992f1..42aff7e26 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -325,6 +325,8 @@ class IssuesController < ApplicationController
         issue = orig_issue
       end
       journal = issue.init_journal(User.current, params[:notes])
+      journal.private_notes = params[:private_notes] if params[:private_notes]
+      (render_403; return false) if journal.private_notes && User.current.allowed_to?(:set_notes_private, issue.project) == false
       issue.safe_attributes = attributes
       call_hook(:controller_issues_bulk_edit_before_save, { :params => params, :issue => issue })
       if issue.save
diff --git a/app/views/issues/bulk_edit.html.erb b/app/views/issues/bulk_edit.html.erb
index 7e10d03b6..127ddadb4 100644
--- a/app/views/issues/bulk_edit.html.erb
+++ b/app/views/issues/bulk_edit.html.erb
@@ -193,6 +193,8 @@
 <fieldset>
 <legend><%= l(:field_notes) %></legend>
 <%= text_area_tag 'notes', @notes, :cols => 60, :rows => 10, :class => 'wiki-edit' %>
+<%= hidden_field_tag :private_notes, false %>
+<%= check_box_tag :private_notes, true, false, :no_label => true %> <label for="private_notes" class="inline"><%= l(:field_private_notes) %></label>
 <%= wikitoolbar_for 'notes' %>
 </fieldset>
 </div>
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index 34d353263..1d0d2e0b8 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -5578,6 +5578,36 @@ class IssuesControllerTest < Redmine::ControllerTest
     assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook'
     assert_equal 'Moving two issues', Issue.find(1).journals.sort_by(&:id).last.notes
     assert_equal 'Moving two issues', Issue.find(2).journals.sort_by(&:id).last.notes
+    assert_equal false, Issue.find(1).journals.sort_by(&:id).last.private_notes
+    assert_equal false, Issue.find(2).journals.sort_by(&:id).last.private_notes
+  end
+
+  def test_bulk_update_with_private_notes
+    @request.session[:user_id] = 2
+    post :bulk_update, :params => {
+        :ids => [1, 2],
+        :notes => 'Moving two issues',
+        :private_notes => 'true'
+      }
+
+    assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook'
+    assert_equal 'Moving two issues', Issue.find(1).journals.sort_by(&:id).last.notes
+    assert_equal 'Moving two issues', Issue.find(2).journals.sort_by(&:id).last.notes
+    assert_equal true, Issue.find(1).journals.sort_by(&:id).last.private_notes
+    assert_equal true, Issue.find(2).journals.sort_by(&:id).last.private_notes
+  end
+
+  def test_bulk_update_with_private_notes_without_set_private_notes_permission
+    @request.session[:user_id] = 2
+    Role.find(1).remove_permission! :set_notes_private
+
+    post :bulk_update, :params => {
+        :ids => [1, 2],
+        :notes => 'Moving two issues',
+        :private_notes => 'true'
+      }
+
+    assert_response 403
   end
 
   def test_bulk_update_parent_id