If the subscriber doesn’t have access to specific fields referenced in the query SELECT clause, then those fields aren’t included in the notification. If the subscriber doesn’t have access to all fields referenced in the query WHERE clause, then they will not receive the notification.
For example, assume a user tries to subscribe to a PushTopic with the following Query value:
SELECT Id, Name, SSN__c FROM Employee__c WHERE Bonus_Received__c = true AND Bonus_Amount__c > 20000
If the subscriber doesn't have access to Bonus_Received__c or Bonus_Amount__c, the subscription fails. If the subscriber doesn’t have access to SSN__c, then it won’t be returned in the notification.
If the subscriber has already successfully subscribed to the PushTopic, but the field-level security then changes so that the user no longer has access to one of the fields referenced in the WHERE clause, no streamed notifications are sent.