Hello,
Thank you so much for posting here.
It is not possible to hide phone numbers from the GAL. If we do not want most of people to be able to see the sensitive information, adding them in AD may not be the right option.
Here are the similar cases for your reference:
https://social.technet.microsoft.com/Forums/en-US/dcfbfbd8-ed95-4291-8f9c-fe42a8c20bec/hide-phone-number-attribute-in-ad?forum=winserverDS
https://social.technet.microsoft.com/Forums/en-US/47d55232-15d9-44de-9bc8-e122673ad7dc/hiding-phone-number-in-gal?forum=onlineservicesexchange
We could deny access to the attribute for people querying your AD by updating the permission on the OU containing the users. Below is my test: the user U2 will not be able to access the phone number information of user 11.
Open AD users and computers
Select the Users OU (In my case, it is ou1), right click user account 11 and select properties
Select the Security Tap
Select Advances button
Select the ADD button and add the users or groups you do not want them to access the phone number attribute (In my case, it is user U2)
Then, from the list with the permissions entries, select the users or group we just added (user U2)
In the Type checkbox, select: Deny
In the Applies to dropdown box select: This objects only
Click "Clear all" and then check "Read Telephone Number".
Then this user U2 will not be able to access the Phone number information of user 11. For example:
For any question, please feel free to contact us.
Best regards,
Hannah Xiong