Summer 2026 marks a turning point in European product regulation. While the ESPR Regulation (EU) 2024/1781 sets the framework for the Digital Product Passport (DPP), product-specific requirements are taking shape in delegated acts — and industry is beginning to realize just how wide the gap is between regulatory text and implementation reality.
What the ESPR Actually Requires — and What It Leaves Open
The ESPR framework regulation is deliberately technology-neutral on one key point: it mandates that the DPP must contain "current and accurate information" — without specifying update frequency, service-level agreements, or a technical specification for data formats. This is not an oversight; it's by design. The European Commission delegates the details to product-group-specific implementing regulations.
The JRC Data Draft as a Benchmark
The data draft from the Joint Research Centre (JRC) for steel products illustrates just how specific these delegated acts can get. It explicitly requires the product-specific carbon footprint (PCF) to be tracked at batch level and calculated using methods compliant with ISO 14067. In practice, this means: if you run an ERP system today without batch-level granularity, you will not be able to achieve compliance for steel — regardless of how elegant the QR code on your product looks.
This gap between the framework regulation and the implementing details is the central misunderstanding in many DPP projects: the ESPR itself is not the problem. The delegated regulations are.
The EmpCo Directive as a Parallel Regime
Running alongside the ESPR, the EmpCo Directive (EU) 2024/825 has been in force since 2024, prohibiting misleading environmental claims in B2C contexts. If you publish sustainability data in a DPP that is not backed by recognized methodologies, you risk not only regulatory non-compliance under the ESPR, but potentially also violations of unfair commercial practices law. The two regimes are not coordinated — a legal gray area that Ecommerce Europe explicitly addressed in its June 2026 position paper: the association calls for flexible data granularity and a phased rollout approach to avoid double burdens on businesses.
Battery Passport 2027: Where Implementation Stands
The Digital Battery Passport is the most fully developed DPP regime to date: from February 18, 2027, it will be mandatory for industrial batteries, traction batteries, and batteries for electric vehicles. That may sound like plenty of lead time — but it isn't.
Practical Challenges According to the Minespider Report
The Minespider Implementation Report 2026 identifies two core practical problems running through the entire supply chain:
- Data fragmentation: Raw material data, cell chemistry data, and recycling rates are held by different actors in different formats. There is no standard interface connecting all tiers of the supply chain.
- Dynamic data updates: The Battery Passport must remain current throughout the entire product lifecycle — including after sale, second-life use, and entry into recycling. Static database entries at the time of market launch are not sufficient.
On June 24, 2026, the BatteryPass-Ready project launched a publicly accessible test environment where companies can validate their DPP solutions against EU requirements. This is an important step — but it is no substitute for the still-pending delegated regulations on specific data fields.
The UK's Department for Business and Trade is simultaneously running a consultation on EU battery regulations — a signal that post-Brexit companies exporting to the EU market must also take these requirements seriously.
Infrastructure: From Regulatory Text to the Production Line
Regulation is one thing; implementation is another. Two recent developments illustrate how the technical infrastructure for DPP-ready products is currently taking shape.
Serialization at Gigascale: Driscoll's
At GS1 Connect 2026, Driscoll's and Antares Vision Group presented a project demonstrating the scalability of item-level serialization: over one billion berry clamshells have been assigned unique identities and are currently migrating to fully GS1 Digital Link-compliant QR codes. The project connects consumer feedback directly to farm-level traceability — and shows that the technical infrastructure for DPP-like applications works even in high-volume segments (Packworld, June 2026).
This is regulatorily significant: GS1 Digital Link is the only internationally standardized URI mechanism that can resolve product ID, batch code, and expiration date from a single QR code scan — making it the foundation for compliant DPP implementations.
Print Infrastructure: Polytag and DataLase
A frequently underestimated challenge is the physical application of QR codes to difficult packaging substrates. The partnership between Polytag and DataLase addresses exactly this: laser-reactive printing technology enables GS1-compliant QR codes to be applied permanently and with high precision to packaging materials that cannot be reliably printed with conventional inkjet — and at production-line speeds. For food and FMCG manufacturers that will need serialized packaging by the DPP mandatory date, this is a relevant piece of infrastructure.
Blockchain-Based Approaches
At the other end of the technology spectrum is an announcement from The Hashgraph Group and Merck: they have launched a DPP on the Hedera network that combines Merck's physical security markers with cryptographic traceability. The approach targets ESPR and EUDR compliance. Whether decentralized ledger architectures can meet the requirements for data availability and updatability across the entire product lifecycle remains an open technical question — the regulation itself does not prescribe a storage architecture.
What Companies Need to Do Right Now
The regulatory landscape breaks down into three areas for action:
1. Identify your product group and clarify your timeline Not all products fall under DPP obligations at the same time. Batteries from February 2027, textiles and electronics in later waves. If you work with the JRC data draft for your product group now, you can close data gaps early.
2. Prepare your data architecture at batch and serial-number level The mistake many early DPP pilots make: they model the passport at the product level, not the instance level. For the Battery Passport, that is insufficient. For steel, too. The question isn't "What fields do I need?" — it's "At what level of granularity do I need to maintain which fields?"
3. Standardize your carrier infrastructure GS1 Digital Link is the de facto standard for DPP-compliant QR codes. If you are still running proprietary QR code systems today without a structured resolver architecture, you are accumulating technical debt. The migration — as seen with Driscoll's — is feasible, but demanding. Tools like the bulk import feature in qr3.app can accelerate the transition for mid-sized product portfolios.
Open Questions and Outlook
EuroCommerce announced a webinar for June 19, 2026 examining the business logic behind the DPP — in particular, the tension between transparency requirements and data privacy. That is symptomatic of where things stand: the regulation has been adopted, the implementation details are being worked out, and industry is still searching for the business model that connects compliance with value creation.
What is certain: the DPP is coming, it will be specified product group by product group, and it will require dynamic data management. If you treat it as a pure compliance project, you will underestimate the infrastructure costs. If you approach it as a data strategy, you have the opportunity to build traceability and customer communication on a shared technical foundation.
