I think this actually does add some more information:
1. It states that Ofcom MUST (my emphasis) consider the size and risk level, which I don't recall before. It doesn't say "should" or anything that is a get-out.
2. This leads onto "higher-risk services" must take more stringent measure compared to low-risk. This confirms the multi-tier approach and where Ofcom will be more focussed. Why would Ofcom be focussed on low-risk providers?
3. It also confirms that "additional duties will not apply to smaller services in the scope of the art".
Letters like this from senior politicians are written by civil servants and will be reviewed by other senior civil servants. Its entirely possible 4-5 civil servants have edited this and produced this as a template. Words like "must" are very carefully checked and whilst mistakes are made, I'd be very surprised if this letter was thrown together quickly. I am not a civil servant but my better half was and used to write letters like this for ministers and for briefing packs. If Peter Kyle's team has put this together, it will be be accurate and carefully worded. Ministers absolutely hate having to go back and correct something, thats actually an understatement TBH. If they don;t have to commit to something they will, this is a surprisingly good letter in my opinion.
This reinforces my view that Bass isn't big enough to be important in this context. Thats not a slur on the excellent job the mods do and the many people who contribute it this, but the target of the act is Facebook (Meta), WhatsApp (Meta) Google (Alphabet), YouTube (Alphabet) TikTok, Instagram (Meta), X, BlueSky, SnapChat, WeChat, Reddit, SnapChat. Meta and X will have problems IMHO.
My worry here is Ofcom, they are the regulators and they could choose to be complete arseholes and decide that Meta is too big for them, so they'll go for easier targets and build up case law and then go after the big ones. Its easier to go toe-to-toe with Meta having won a few smaller cases in the courts and got precedent on your side.
The mods need to take some precautions and do a risk assessment. I haven't seen the Digital Support Service pack yet, but will have a look at it later this week. This might help. It may be worth the mods pulling together a working group of IT professional and legal people with govt experience to help and assist them.
Doing nothing is 100% the wrong option, I would suggest:
1. A working group is pulled together to look at this. Otherwise all the work falls on one or two people. Having other people provide input means that multiple people look at the info and try and parse what is probably dry civil servant legalese.
2. Identify what Basschat MUST do based on what is known.
3. Identify what Basschat MIGHT need to do as it's a bit unsure.
4. Pull a plan together to get to the goal, which is to submit what is needed to Ofcom but that puts Basschat in the low risk area.
There's more to it than the four steps above but it's a start.
Rob