I believe this type of notification is required.
One thing that we did with the directive on automated decision systems was recognize that there are multiple different types of contexts in which these systems are being used and that those have different types of categories of harms. If you have a reference in the legislation like appendix C in the directive, then you'll see that there are different requirements that exist for those different types of harms.
One of the challenges we had when looking to implement it was that people were looking for the acceptable standards or the bar that they'd need to meet. Unfortunately, that wasn't developed. That's what needs to happen now in order to address some of the concerns that you've raised—notification and other types of documentation requirements. That type of additional context is required through additional regulations that support the broader framework of AIDA, and then you need to look at what you do in those contexts for different degrees and categorizations of risk.