How is the boundary for Category 1 determined?

We have noted the distinction between different categories of service and the fact that the criteria for the categories will be set down in regulations. Schedule 4 requires the regulations to contain rules relating to number of users and about functionality[1] (but not business ethos or character of the service). This may mean that is would not be possible to designate a service purely on the basis of its size, or on the basis of its riskiness. Does it mean that a small but very, very risky platform (e.g. chat roulette with video capability) could never be Category 1, or that a super-dominant platform could not be Category 1 by virtue of its size alone?

Note that similar types of criteria are used to determine the boundaries of Category 2A and 2B services, though this boundary has significance only for the transparency reporting duty. It is unclear how this system will cope with services that scale rapidly.

[1] Functionality is defined at cl 135(1)