BinaryLane Legal & Regulatory Position
BinaryLane is Owned and Operated by Mammoth Media Pty Ltd (ABN 51 101 844 955 ), an Australian IaaS cloud hosting provider. This article explains our position under key Australian legislation and regulatory frameworks, and what that means for your data.
Australian Privacy Act 1988
Status: Applies - fully compliant
BinaryLane complies with all 13 Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). Key points for customers:
- Data residency: All customer data is stored in Australian data centres by default. Customers who explicitly provision servers in our Singapore region have their data stored in Singapore by their own choice - we do not transfer data overseas on our own initiative.
- Account ownership: Your BinaryLane account belongs to the registered account holder. We will not disclose account information or grant access to third parties without either (a) your written consent, or (b) a valid Australian court order or law enforcement warrant. We do not honour informal requests, emails from third parties claiming ownership, or requests from overseas jurisdictions without proper legal process.
- Notifiable Data Breaches (NDB): We comply with the NDB scheme. In the unlikely event of an eligible data breach, we will notify both affected customers and the Office of the Australian Information Commissioner (OAIC) as required by law.
Our full privacy policy is available at binarylane.com.au/privacy-policy.
Telecommunications Act 1997
Status: Not a Carriage Service Provider (CSP)
BinaryLane is an Infrastructure-as-a-Service (IaaS) hosting provider, not a telecommunications carrier or carriage service provider. This has been confirmed by legal counsel following a formal inquiry from the Australian Federal Police (AFP) in February 2025.
What this means for customers:
- BinaryLane is not subject to mandatory data retention obligations under the Telecommunications (Interception and Access) Act 1979.
- We do not retain or provide telecommunications metadata to law enforcement agencies.
- Any request for customer data from law enforcement requires a valid warrant or court order - not a simple authorisation.
BinaryLane provides server hosting and cloud infrastructure. Our customers access the internet through their own arrangements - we provide the compute, storage, and networking for their servers, not internet access to end users.
Security of Critical Infrastructure Act 2018 (SOCI)
Status: Not a designated critical infrastructure entity
BinaryLane participates in the Australian Signals Directorate's (ASD) Cyber Hygiene Improvement Programs (CHIPs) as a voluntary participant. The CHIPs programme explicitly states it has "no connection to the Department of Home Affairs Security of Critical Infrastructure Act 2018 (SOCI) or obligations involved with the Act."
BinaryLane has not been designated as a critical infrastructure entity by the Department of Home Affairs. We participate in CHIPs because we believe in proactive security, not because we are required to by law.
ISO 27001:2022 Information Security
Status: Implemented - certification in progress
BinaryLane has implemented an Information Security Management System (ISMS) aligned to ISO/IEC 27001:2022. Our ISMS covers:
- 115 security controls (93 Annex A technical/organisational controls + 22 management system clauses)
- Formal risk register with documented treatment plans
- 37 controlled policy and procedure documents with version history
- Quarterly management reviews and internal audit programme
- Dedicated compliance tracking system
We are currently preparing for formal Stage 1/Stage 2 certification audit.
Data Centre Security
All BinaryLane infrastructure is collocated in ISO 27001-certified third-party data centre facilities:
Provider | Sites | Certification |
NextDC | Sydney (S1), Brisbane (B2), Melbourne (M2), Perth (P1), Adelaide (A1) | ISO 27001, SOC 2, Tier IV |
Equinix | Singapore (SG3) | ISO 27001, SOC 2 |
Physical security at these facilities includes biometric access control, 24/7 on-site security, CCTV monitoring, and environmental protections (fire suppression, redundant power, flood mitigation). Mammoth Media staff require Managing Director approval and facility-specific training to access any data centre.
ASD Cyber Hygiene (CHIPs)
Status: Active participant
BinaryLane is an active participant in the Australian Signals Directorate's CHIPs programme. ASD conducts quarterly external assessments of our public-facing infrastructure, covering:
- Internet-facing vulnerabilities
- Open ports and services
- Website and email encryption
- Other actionable cyber hygiene issues
Findings are reviewed and remediated by our infrastructure team. This programme provides independent, government-backed assurance of our external security posture.
Encryption Standards
BinaryLane employs encryption across layers of the platform:
- Management traffic: All internal system access is Encrypted, no management interfaces are exposed to the public internet.
- Customer-facing services: TLS 1.2/1.3 for all web interfaces, APIs, and customer portals.
- Sensitive data at rest: LUKS full-disk encryption for compliance systems. Programmes in place for additional systems but we recommend personal LUKS encryption stores or similar for Sensitive Content.
- Inter-site connectivity: Private backbone for inter-data-centre traffic (not traversing the public internet).
Network Sovereignty
BinaryLane operates its own Autonomous System (AS133159) and manages its own IP address space. We peer directly at Australian internet exchanges (IX Australia) in Sydney, Melbourne, Brisbane, Perth, and Adelaide, as well as Singapore IX. Our primary transit is via our internet partners and peers with additional private backbone connectivity between sites.
This means your traffic stays on Australian networks by default and is not routed through overseas infrastructure unless your server is provisioned in Singapore or your end users are connecting from overseas.
Questions?
If you have questions about our legal or regulatory position, data handling practices, or security controls, please contact us:
- General enquiries: binarylane.com.au/support
- Security matters: security@binarylane.com.au
- Privacy matters: privacy@binarylane.com.au
Last updated: March 2026