DPP Sector Update June 2026: Standards, Steel Draft, and GS1 Pilots

The technical standards are here — and they carry more weight than expected

In early June 2026, the DPP4EU Conference in Brussels sent a signal the industry had long been waiting for: the first harmonized European standards for the Digital Product Passport (DPP) have been published. Developed under the umbrella of CEN/CENELEC JTC 24, the package covers the EN 18216 to EN 18223 standard series — spanning the entire technical infrastructure: unique product identifiers, data carriers, APIs, and interoperability requirements.

Fraunhofer IPK, which played a key role in the standardization work, emphasizes that the framework is deliberately technology-neutral. Whether QR code, RFID, or Data Matrix — the standard does not prescribe a specific data carrier, but it does define what information a carrier must convey and how a resolver service must respond to it. For developers, this means the choice of data carrier is secondary; what matters is the conformance of the underlying data model.

Alongside the publication of the standards, the conference featured the first public presentation of open-source test environments that companies can use to validate their implementations for conformance. This significantly lowers the barrier to entry for smaller suppliers — provided the test suites prove practical in real-world use, which the coming months will reveal.

What the standard series actually covers

The standards can be broadly assigned to three layers:

EN 18220 is particularly relevant for operational implementation: it defines which encoding schemes are permissible — and thereby establishes the normative foundation for implementations such as GS1 Digital Link, which is regarded as the preferred URL-based identifier.

The JRC steel draft: a blueprint document

While the standards set the horizontal framework, the Commission's Joint Research Centre (JRC) provides the first sector-specific preview: a draft DPP for semi-finished iron and steel products. The document is significant for several reasons — and not only for the steel industry.

Batch vs. item level: an underestimated architectural decision

The JRC draft introduces a distinction that is relevant to every DPP implementer, regardless of sector: a systematic separation between data at the batch level (identified by lot number) and data at the item level (identified by serial number).

Specifically, the draft proposes:

• Batch level: recycled content, alloy composition, product-specific carbon footprint (PCF)
• Item level: dimensions, certifications, declarations of conformity

This distinction is not a formality. It has direct consequences for database architecture: if you store all attributes at the serial-number level, you create unnecessary redundancy and maintenance overhead. If you correctly map batch attributes at the lot level, you can manage updates — such as a revised PCF calculation — centrally, without having to touch every individual product record.

According to the draft, the PCF itself is to be calculated using methods compatible with ISO 14067. That is no surprise, but the explicit reference in the sector draft increases pressure on steel manufacturers to standardize their carbon accounting methodology.

For comparison: the Battery Regulation (EU) 2023/1542 — currently the only binding sector act with its own DPP obligations — implicitly acknowledges the batch/item distinction without formalizing it as clearly. The steel draft could become the reference model for future sector acts.

CIRPASS-2: criticism of the registry architecture

The EU-funded CIRPASS-2 consortium has submitted its position on the draft implementing regulation for the central DPP registry. The criticisms are substantive and touch on questions that are relevant to every implementer.

Three core criticisms

Registry governance: The consortium argues that the draft does not adequately define the governance structure of the central registry. Who decides on access rights? How are conflicts between national authorities and the central EU body resolved? Without clear answers, the registry remains a legal risk for companies registering data there.

Data sovereignty in cross-border supply chains: For supply chains spanning multiple jurisdictions, it is unclear which law applies to which data category. This is especially relevant for companies that involve suppliers outside the EU.

Interoperability with existing systems: The consortium explicitly recommends incorporating EN 18219 as a direct reference in the implementing regulation — to ensure that existing identification systems such as GS1 Digital Link can be seamlessly integrated, rather than building a parallel proprietary EU infrastructure alongside them.

This recommendation is politically significant: it would mean the Commission enshrining a de facto private-sector standard (GS1) in binding EU law. Whether that happens will be determined by the final implementing regulation.

GS1 ecosystem: pilots and new software support

Beyond the regulatory developments, the GS1 ecosystem makes clear that implementation work is already well underway.

Fresh produce and item-level serialization

At GS1 Connect 2026, Antares Vision Group and Driscoll's presented a joint pilot for item-level serialization of fresh produce — specifically berries. The pilot converts proprietary QR codes into GS1 Digital Link-compliant data carriers. Technically, this is not groundbreaking, but the scale is noteworthy: fresh products with short shelf lives and high volumes place exceptional demands on the infrastructure.

TEKLYNX CODESOFT and RAIN RFID

TEKLYNX has updated its CODESOFT software to support GS1 "++" encoding schemes (EPC++ and ISO BD). This allows web URLs to be written directly into RAIN RFID tag memory — a requirement that follows from the combination of EN 18220 and the GS1 Digital Link standard. For companies operating RFID-based supply chains, this is a meaningful update: it enables the same tag to be used for both internal logistics and DPP-compliant external communication.

EPR guide from GS1 US

GS1 US has published a guide on standardizing packaging data for Extended Producer Responsibility (EPR) laws at the US state level. The guide recommends GTINs and GLNs as base identifiers. This is relevant for European companies with US operations: if you already structure your packaging data in a GS1-compliant way, you have a head start under both regulatory frameworks.

REACH microplastics: an underestimated parallel development

Somewhat outside the DPP discussion, but closely related from a regulatory standpoint: ECHA published guidance in May 2026 on REACH reporting obligations for synthetic polymer microparticles. The first reporting deadline for manufacturers and industrial downstream users of polymer pellets, flakes, and powders has now taken effect.

The connection to the DPP is not immediately obvious, but it is real: if microplastic data becomes subject to mandatory reporting, it makes sense to store that data in a structured product passport — rather than maintaining it in separate compliance databases. Whether and how the ESPR implementing regulations for plastic products will incorporate this data remains to be seen.

Conclusion: standardization complete, implementation still open

The technical foundations for the Digital Product Passport are in place. CEN/CENELEC has delivered, the JRC's steel draft shows what sector-specific requirements could look like, and early pilots in the food sector demonstrate technical feasibility.

What is still missing is clarity on registry governance and final implementing regulations for most product categories. Companies beginning implementation now should treat the batch/item distinction from the JRC steel draft as a serious architectural principle — it will likely recur across many sector acts. And if you are building on GS1 Digital Link, you are well positioned: the CIRPASS-2 consortium is actively working to write that standard into the mandatory provisions of the implementing regulations.