As stated in X.501 L.4:

"If granted, allows entries, including all subordinates, to be relocated at the designated location in the DIT
in a ModifyDN operation. Import is only meaningful as prescriptive ACI."

However our current implementation considers also entry ACIs that includes Import permissions.

Here is a code snippet from our implementation:

Collection destTuples = new HashSet();
        addPerscriptiveAciTuples( proxy, destTuples, oriChildName, entry );
        addEntryAciTuples( destTuples, entry );
        addSubentryAciTuples( proxy, destTuples, oriChildName, entry );
        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), oriChildName, null,
            null, IMPORT_PERMS, tuples, entry );

The line
addEntryAciTuples( destTuples, entry );
needs to be removed in from the relevant code parts.