The authorization service returns a default public ACL for mediapackages without an XACML attached to the mediapackage as fallback strategy. But when the same mediapackge is assigned to a series there is no fallback, so an empty XACML is returned, which lead to an inaccessible recording after publishing. To avoid this we should implement a fallback for medipackages assigned to a series too. This can be easily implemented by getting the ACL directly from the series service.
All this is just exception handling, because in general XACML shouldn't be deleted from a mediapackage, but it can happen by external services or by hand.