diff --git a/db/migrate/20201005084847_agent_customer_permission.rb b/db/migrate/20201005084847_agent_customer_permission.rb
new file mode 100644
index 000000000..ec72f240b
--- /dev/null
+++ b/db/migrate/20201005084847_agent_customer_permission.rb
@@ -0,0 +1,12 @@
+class AgentCustomerPermission < ActiveRecord::Migration[5.2]
+  def change
+
+    # return if it's a new setup
+    return if !Setting.exists?(name: 'system_init_done')
+
+    Permission.where(name: ['ticket.agent', 'ticket.customer', 'chat.agent', 'cti.agent']).each do |permission|
+      permission.preferences.delete(:not)
+      permission.save!
+    end
+  end
+end
diff --git a/db/seeds/permissions.rb b/db/seeds/permissions.rb
index 728b8a688..6c2662ac5 100644
--- a/db/seeds/permissions.rb
+++ b/db/seeds/permissions.rb
@@ -336,16 +336,13 @@ Permission.create_if_not_exists(
   name:        'ticket.agent',
   note:        'Access to Agent Tickets based on Group Access',
   preferences: {
-    not:    ['ticket.customer'],
     plugin: ['groups']
   },
 )
 Permission.create_if_not_exists(
   name:        'ticket.customer',
   note:        'Access to Customer Tickets based on current_user and organization',
-  preferences: {
-    not: ['ticket.agent'],
-  },
+  preferences: {},
 )
 Permission.create_if_not_exists(
   name:        'chat',
@@ -359,7 +356,6 @@ Permission.create_if_not_exists(
   note:        'Access to %s',
   preferences: {
     translations: ['Chat'],
-    not:          ['chat.customer'],
   },
 )
 Permission.create_if_not_exists(
@@ -374,7 +370,6 @@ Permission.create_if_not_exists(
   note:        'Access to %s',
   preferences: {
     translations: ['CTI'],
-    not:          ['cti.customer'],
   },
 )