Last issue I talked about Sun's recent announcement of plans to release all of its identity products as freely downloadable software. The news reminded me of a recent conversation I'd had with Sun's VP of Identity (I DO love that title!), Sara Gates. It was, in fact, an extended conversation - beginning in e-mail, continued on the phone, then rounded out on our respective Weblogs.

The discussions revolved around a recent Harris Poll survey, commissioned by Sun, that explored people's attitudes towards identity theft, identity fraud and data breaches.

News stories written about the poll (such as "Fear of identity theft bad for business, survey finds" by Network World affiliate IDG News Service) used data from a Sun press release (augmented, usually, by a telephone interview). That's how I was approached. But I then asked for a copy of the Harris Interactive report, which was provided.

In the press release, after preliminary explanatory information, the first results were listed as:

* 34% of American adults have either been a victim of identity theft or know someone who has been victimized.
* 44% of Americans think that victims of identity theft were careless with their personal information.
* 83% of American adults think people are more susceptible to identity theft around the holiday season.
* Yet, nearly two thirds of Americans plan to shop online this holiday season - with 14% planning to do more than half of their holiday shopping online.

That "yet" implies to me that the "identity theft" talked about was something that occurred online or because of online activity. Yet the Harris report shows that interviewers were told to "define 'ID theft' as someone using your personal information without your permission to commit fraud or other crimes, regardless of whether they obtained your information online, by telephone, in the mail or by any other means." As we saw in the infamous FTC survey on identity theft of a couple of years ago ("What is identity theft?") people who found a phone call on their telephone bill which they didn't remember often characterize themselves as victims of identity theft.

The Harris poll also asked about data theft/breach issues and, as the IDG News Service story reported, "Half of the respondents said they were likely to switch financial institutions if they found out that their personal data stored by the bank had been compromised." But the interviewer was told to "define 'compromised' as lost, stolen or shared without your consent."

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.