Only if you use only visually block certain users from being able to do something with a object. (eg code in templates to decide on who should see edit / delete button based on something else then actually user rights)
Oh, yeah, but then it wouldn't be the best practice in any case, I suppose.
I'm thinking of users' mutual contact book architecture, and wondering of using user IDs directly (rather than providing some id obfuscation) would be acceptable. If not, the only thing comes to my mind capable of handling this level of ID uniqueness would be some hash function on user ID.