"The first rule of Fight Club is - you do not talk about Fight Club. The second rule of Fight Club is - you DO NOT talk about Fight Club."
Some companies take the Fight Club approach with their data centers. You DO NOT talk about the data centers. One of these companies is Wal-Mart, which has piqued the curiosity of the media with its closed-mouth response to curiosity about the company's 125,000 square foot data center in Joplin, Mo. The Joplin Globe describes it as a "building that Wal-Mart considers so secret that it won't even let the county assessor inside without a nondisclosure agreement." Wal-Mart gladly supplied them with more ammunition. "This is not something that we discuss publicly," Wal-Mart senior information officer Carrie Thum told the paper. "We have no comment. And that's off the record."
The Globe isn't afraid to speculate, however:
Wal-Mart's ability to crunch numbers is a favorite of conspiracy theorists, and its data centers are the corporate counterpart to Area 51 at Groom Lake in the state of Nevada. According to one consumer activist, Katherine Albrecht, even the wildest conspiracy buff might be surprised at just how much Wal-Mart knows about its customers - and how much more it would like to know.
While the paper never fills in the complete picture, Albrecht is a leading authority on the use of RFID tags (which she calls "spychips") and the privacy issues raised by the growing movement to include RFID tracking capabilities in a wide range of products. Wal-Mart is among the pioneers in the use of RFID for inventory management. Albrecht supposes that the data center may be involved in storage of RFID data or video of customer behavior.
The notion that the Joplin center guards some deep, dark secret quickly spread into the blogosphere, getting picked up by AOL's Blogging Stocks.
I understand that some companies don't want to discuss data centers. If your company is one of them, maybe it would be best to deflect press inquiries casually rather then going into a paranoid defensive posture (i.e. insisting that your "no comment" is off the record). Most folks believe that security by obscurity is hard to accomplish nowadays. Nonetheless, some facility operators get very exercised about the secrecy of their data centers.
I once got a call from a large institution insisting that we not identify the state in which their data center was located. Not the street address mind you, the state. This person felt that even identifying the state presented a security risk. What made this even stranger was that this organization had purchased the facility through a bankruptcy auction, and the sale agreement (including the address) was a public record. The Fight Club approach doesn't work too well once that much information is public, but some facility operators will persist in invoking it anyway.