I. Is there a national act containing a legal definition of Automated Administrative Decisions?

The first question is whether there is a national act containing a legal definition of automated administrative decisions. Generally, the answer is negative. No provision within the Austrian legal system — neither the Federal Constitution nor any law, regulation, or other type of general legal act (especially in procedural law) — contains a general definition of what the Austrian legal system understands by an “automated decision.” Even the so-called E-Government Act¹ does not contain such a (general) definition, since it regulates only electronic communication between citizens and public authorities, not the issue of automated decision-making.

The Austrian Data Protection Act³ appears to be the only statute containing a directly relevant definition. As part of the implementation of Directive (EU) 2016/680, a provision on automated decision-making based on the processing of personal data for the prevention, investigation, detection or prosecution of criminal offences, or the execution of criminal penalties, was adopted as Article 2 § 41 of the Austrian Data Protection Act. However, that provision aims to regulate the phenomenon of an authority making a decision based on automated processing rather than to provide a standalone definition of fully automated decision-making: essentially, the text of the Directive is reproduced.⁴

In summary, the term “automated administrative decision” does not appear explicitly in the Austrian legal system. Digital algorithms—the subject of this study—do not play a major role in legislation: there are only a few isolated provisions (for example, certain healthcare documentation rules require the use of the SHA-256 hash function to generate irreversible unique hash values).