diff --git a/src/Model/Item.php b/src/Model/Item.php
index 724f61e25..d78001094 100644
--- a/src/Model/Item.php
+++ b/src/Model/Item.php
@@ -201,18 +201,10 @@ class Item
 			return [];
 		}
 
-		if (empty($condition) || !is_array($condition)) {
-			$condition = ['iid' => $pinned];
+		if (!empty($condition)) {
+			$condition = DBA::mergeConditions(['iid' => $pinned], $condition);
 		} else {
-			reset($condition);
-			$first_key = key($condition);
-			if (!is_int($first_key)) {
-				$condition['iid'] = $pinned;
-			} else {
-				$values_string = substr(str_repeat("?, ", count($pinned)), 0, -2);
-				$condition[0] = '(' . $condition[0] . ") AND `iid` IN (" . $values_string . ")";
-				$condition = array_merge($condition, $pinned);
-			}
+			$condition = ['iid' => $pinned];
 		}
 
 		return self::selectThreadForUser($uid, $selected, $condition, $params);
diff --git a/src/Module/Profile/Status.php b/src/Module/Profile/Status.php
index 200e03ca7..421c8accc 100644
--- a/src/Module/Profile/Status.php
+++ b/src/Module/Profile/Status.php
@@ -232,7 +232,18 @@ class Status extends BaseProfile
 		$items = DBA::toArray($items_stmt);
 
 		if ($pager->getStart() == 0 && !empty($a->profile['uid'])) {
-			$pinned_items = Item::selectPinned($a->profile['uid'], ['uri', 'pinned']);
+			$condition = ['private' => [Item::PUBLIC, Item::UNLISTED]];
+			if (remote_user()) {
+				$permissionSets = DI::permissionSet()->selectByContactId(remote_user(), $a->profile['uid']);
+				if (!empty($permissionSets)) {
+					$condition = ['psid' => array_merge($permissionSets->column('id'),
+							[DI::permissionSet()->getIdFromACL($a->profile['uid'], '', '', '', '')])];
+				}
+			} elseif ($a->profile['uid'] == local_user()) {
+				$condition = [];
+			}
+	
+			$pinned_items = Item::selectPinned($a->profile['uid'], ['uri', 'pinned'], $condition);
 			$pinned = Item::inArray($pinned_items);
 			$items = array_merge($items, $pinned);
 		}