4 min read Regulation digital-product-passport espr dpp-registry eu-regulierung gs1-gtin implementing-regulation

EU Commission Publishes Draft Implementing Regulation for the DPP Registry

On April 29, 2026, the EU Commission released its draft Implementing Regulation for the central Digital Product Passport Registry. Here's what manufacturers need to know now.

by QR3 Redaktion

EU Commission Publishes Draft Implementing Regulation for the DPP Registry

Background: Why a Central Registry?

The Ecodesign for Sustainable Products Regulation (ESPR, EU) 2024/1781, which has been in force since July 2024, establishes the legal foundation for the Digital Product Passport (DPP). It requires manufacturers and importers of certain product categories to provide a machine-readable passport containing product-related sustainability, repairability, and materials information. The central Registry is not a data store for that content — it is a directory that links unique identifiers to their respective resolver endpoints.

On April 29, 2026, the European Commission published the draft Implementing Regulation for the DPP Registry. This draft specifies how the Registry is to be operated — technically and organizationally — and what obligations economic operators will face.

What the Registry Stores — and What It Doesn't

Only UIDs and Resolver Endpoints

A common misconception is that the central Registry holds complete DPP data. That is explicitly not the case. According to the ESPR, the Registry stores exclusively:

  • Unique Identifiers (UIDs): the distinct product identifiers
  • Resolver endpoints: the URLs at which the actual DPP can be retrieved
  • Commodity codes: to support customs procedures and market surveillance

Product-related data — material composition, carbon footprint, repair instructions — remains with the manufacturer or a service provider they have engaged. The Registry therefore functions as a decentralized directory, not a central database. This approach aligns with the GS1 Digital Link principle, in which a structured URI points to distributed data sources.

Access Rights by Actor Group

The draft draws a clear distinction between user groups:

  • General public / consumers: read access to the resolver URL and product category
  • Market surveillance authorities: extended access for enforcement purposes
  • Customs authorities: use of commodity codes in the context of import procedures
  • Economic operators (manufacturers, importers): write access for registering and updating their UIDs

This role structure is relevant for technical integration: systems that manage DPP data — for example, via a bulk-import workflow — must account for the Registry API's authentication requirements.

Requirements for Unique Identifiers

Recognized Identification Systems

The draft specifies that UIDs must conform to a recognized identification system. The following are explicitly named:

  1. GS1 GTINs (Global Trade Item Numbers) — the most widely used international standard for product identification in trade
  2. ISO/IEC 15459-compliant codes — an international standard for unique identifiers in supply chains

For manufacturers already using GS1 barcodes or GS1 Digital Link-enabled QR codes, the migration path is relatively straightforward: the GTIN forms the core identifier that is registered in the Registry. A typical GS1 Digital Link URI looks like this:

https://id.example.com/01/04012345678901/21/XYZ123

Here, 01 represents the GTIN and 21 the serial number. This URI can be stored directly as the resolver endpoint in the Registry.

Implications for Proprietary Identifiers

Companies that currently use proprietary item numbers without any connection to GS1 or ISO/IEC 15459 will need to revisit their identification strategy. The draft leaves no room for non-standardized UIDs. This particularly affects small and medium-sized manufacturers that have not previously used any formal product identification scheme.

Archiving Requirements and Operational Implications

At Least 10 Years After Placing on the Market

The ESPR requires that Registry entries remain available for at least 10 years after the product was last placed on the market. In practice, this means:

  • UIDs may not simply be deleted once a product is discontinued
  • Resolver endpoints must remain accessible throughout the entire archiving period
  • Manufacturers are responsible for ensuring data availability even after a corporate restructuring or sale

This requirement has direct implications for hosting arrangements and contract design. If you host DPP data with a third-party provider, you must contractually ensure that the data remains available for the entire product lifecycle — and beyond.

Technical Stability of Resolver URLs

An often-underestimated aspect: resolver URLs must be stable. Domain changes, URL path restructuring, or switching hosting providers can cause existing Registry entries to break. Dynamic QR codes — where the physical code is decoupled from the underlying URL — address this problem at the product level, but they do not solve the issue of registration in the central Registry, where the resolver endpoint is explicitly recorded.

Timeline and Next Steps

Consultation Phase and Entry into Force

The draft published on April 29, 2026 is currently in the consultation phase. Industry associations, standards bodies, and member states may submit comments. The final entry into force of the Implementing Regulation depends on this process as well as on the delegated acts that will define the specific DPP obligations for individual product categories.

The ESPR itself provides that the first product-specific legal acts — expected to cover textiles and batteries — will take effect in 2026 and 2027. For those categories, the Registry will then become immediately relevant.

What Manufacturers Should Do Now

Regardless of when the regulation ultimately enters into force, you can take concrete preparatory steps today:

  1. Review your identification strategy: Are your existing item numbers GS1- or ISO/IEC 15459-compliant? If not, plan a migration.
  2. Build resolver infrastructure: Where will DPP data be hosted? Are the URLs stable and secured for the long term?
  3. Develop an archiving concept: How will you ensure that data remains retrievable 10+ years after a product is discontinued?
  4. Prepare for API integration: The Registry will offer a machine-readable interface. Internal systems (PIM, ERP) should be capable of submitting UIDs and resolver URLs in an automated fashion.

Assessment: What the Draft Achieves — and What Remains Open

The draft provides important clarity on the architecture of the central Registry and the requirements for UIDs. However, it does not yet answer all outstanding questions:

  • Fee model: It is unclear whether registration fees will apply and, if so, at what level
  • Registry operator: Who will technically operate the central Registry — an EU agency, a member state, or an appointed third party — has not yet been determined
  • Interoperability with national systems: Some member states have already launched their own pilot projects; how these will be harmonized with the central Registry remains open

For companies planning their DPP implementation, it is advisable to monitor the ongoing legislative process closely. The Commission's consultation documents as well as the positions of GS1 and the relevant industry associations will significantly shape the final design.

Sources

Related posts

← All articles Get started free