This is expected behaviour indeed.
Index privileges only apply for action requests which carry index names. The clear scroll API does not carry index names, but only cursor IDs (see Clear scroll API | Elasticsearch Guide [8.4] | Elastic ).
Thus, despite its name, indices:data/read/scroll/clear needs to be considered as a cluster action.