Summer of Standards: Digital Product Passport
What is the Digital Product Passport?
The Digital Product Passport (DPP) is a key initiative under the European Union’s sustainable product policy framework. It aims to digitally capture and share product-related data across the entire value chain—from production to end-of-life. The DPP will enable better-informed decisions by consumers, facilitate circular economy practices, and support regulatory compliance by making product information accessible, reliable, and interoperable.
What is the relevance for Belgian technology companies?
The DPP is relevant for any company that manufactures, imports, distributes, or sells physical products in the EU—especially in sectors like electronics, textiles, batteries, and construction. While upcoming regulations will first make DPPs mandatory for batteries and textiles, other sectors such as electronics and materials like aluminium are expected to follow in the coming years. Companies in these industries should start preparing now to ensure compliance and stay ahead of future requirements.
Why is standardisation relevant for the DPP?
Standardisation ensures that DPPs work consistently across sectors and systems, making it easier to trace products and share information throughout their lifecycle. It helps businesses and regulators access reliable data, while protecting sensitive information through clear rules on access and security. To support the regulatory framework, the European Commission has issued a standardisation request towards CEN and CENELEC, to develop horizontal standards to support the creation of different DPPs.
Where are DPP standards being developed?
CEN-CENELEC Joint Technical Committee 24 (JTC 24) Digital Product Passport framework and system has been appointed as the main responsible committee for developing these standards. Given the very tight timeline, work is progressing very fast on the 8 different request standards. Currently, a public enquiry is ongoing, so stakeholders can provide their feedback on the different standards.
What standards are being developed?
1. Unique Identifiers
This standard defines how to assign persistent, unique identifiers to products, economic operators, and facilities. It supports different levels of granularity (model, batch, item) and allows both centralized and decentralized identifier systems. The goal is to ensure traceability and interoperability across the supply chain while accommodating existing identifier systems.
2. Data Carriers and Links
This standard outlines how physical products are linked to their digital passports using data carriers such as barcodes, QR codes, or RFID. It specifies technical requirements like encoding, durability, and error correction, and mandates that carriers include both public and restricted data links. It also ensures offline accessibility through embedded basic data elements.
3. Access Rights, Security, and Confidentiality
This standard defines how access to DPP data is managed, ensuring that only authorized stakeholders can view or modify specific information. It includes rules for identity management, cybersecurity, and data protection, and supports the transfer of access rights during events like repairs or resale. The standard aligns with EU data protection and cybersecurity regulations.
4. Interoperability
This standard ensures that DPP systems can function across different platforms, sectors, and countries. It includes semantic rules (e.g., consistent naming and units), metadata models, and a common information model to support dictionary systems. The aim is to enable seamless data exchange and integration throughout the product lifecycle.
5. Data Processing and Exchange
This standard defines how data is structured, exchanged, and updated within the DPP system. It covers protocols for data transmission, rules for modifying passport content, and compatibility with existing data models and formats. This ensures that DPPs can be efficiently maintained and integrated into existing digital infrastructures.
6. Data Storage and Persistence
This standard addresses how DPP data is stored and archived, with a focus on decentralized systems. It ensures that data remains accessible even if the original economic operator ceases operations. The goal is to support long-term traceability and regulatory oversight.
7. Authentication and Integrity
This standard ensures that DPP data is authentic, reliable, and tamper-proof. It defines mechanisms for verifying data origin, managing identifiers, logging verifier access, and using digital signatures or verifiable credentials. This is critical for preventing fraud and ensuring trust in the DPP system.
8. APIs for Lifecycle Management
This standard defines how APIs should be built to manage DPPs—covering creation, reading, updating, deletion (CRUD), and remote querying. It includes specifications for syntax, security, performance, versioning, and scalability. These APIs enable integration with national authorities, registries, and other digital services.
Want to know more? If you would like to have more information on the contents of the standards, or want to participate to the enquiry don’t hesitate to reach out to jelle.hoedemaekers@agoria.be.
