SUMMARY
When a bluetooth device is added to the 'bluetooth device' system settings module, the device is added for all the users of the system.

This implies a security risk. Another user could for example access my phone through bluetooth.

Moreover if two users are logged in at the same time and there is a bluetooth audio device available, this device is shown as connected to both users, but only one of them (at random) is able to output audio to it (could be the one that is not currently active). Not only this, but the other user can listen to the audio stream coming from the session of the other user.

STEPS TO REPRODUCE
1. Log in with user1
2. Pair a bluetooth audio device
3. Play music through the device
4. Switch session, and log in with user2

OBSERVED RESULT
User2 can see that the (audio) device has been paired and use it. Audio from user1 is audible through the audio device.

EXPECTED RESULT
User2 has its own list of bluetooth devices and does not see those of other users.

SOFTWARE/OS VERSIONS
Operating System: Manjaro Linux 
KDE Plasma Version: 5.15.5
KDE Frameworks Version: 5.58.0
Qt Version: 5.12.3
Kernel Version: 4.19.45-1-MANJARO
OS Type: 64-bit