We generate an OOPS when a 404 occurs *and* the referrer is launchpad itself, or a number of select related sites (like canonical.com). OOPS-1872D1945 was triggered when a staff member followed a link on the wiki to a team which is private and they couldn't see.
This behaviour is correct if launchpad had generated the link - we shouldn't generate links to confidential things someone cannot access. However related sites with static links may put the URL for confidential things so that staff know how to get at the thing *once* they are granted access.
One way to stop this OOPS occuring would be to only care about 404s on referrers from LP (and (dev,help).launchpad.net itself), not related sites. That wouldn't help us fix bad links on those sites - but on the other hand users of those sites are going to seek assistance immediately rather than waiting for intervention.
Another, more complex approach would be to categorise 404s into 'hidden' and 'really not there' and then for hidden cases from not-launchpad-itself squelch the OOPS.
Of these two solutions I suspect the simplest solution is best - but there may be other approaches.
This issue may become moot when implement the disclosure feature. The intent to to permit grant view on teams and projects. The specific case for knowing we are done is when canonical staff can see private canonical teams, bugs, and branches. I believe the 404+oops could only happen for users who are not authenticated.