Six DPP standards gain presumption of conformity
What the Official Journal publication of six DPP standards on 15 July 2026 changes for ESPR implementation.
Six DPP standard references are now in the Official Journal
On 15 July 2026, the Commission published Implementing Decision (EU) 2026/1736. It publishes the references of six harmonised standards for digital product passports (DPPs) drafted in support of the ESPR, Regulation (EU) 2024/1781.
The distinction matters. CEN/CENELEC published the documents as EN standards in May 2026; Decision 2026/1736 then published their references in the Official Journal. That second step triggers the effect in ESPR Article 41(2).
Standards covered by the Decision
- EN 18216:2026 — data exchange protocols;
- EN 18219:2026 — unique identifiers;
- EN 18220:2026 — data carriers;
- EN 18221:2026 — data storage, archiving and persistence;
- EN 18222:2026 — APIs for product-passport lifecycle management and searchability;
- EN 18223:2026 — system interoperability.
These are horizontal DPP-infrastructure standards: identifiers, carriers, data, APIs and system interoperability. They do not by themselves set every sector’s complete data set.
What the presumption of conformity means
A DPP that conforms to one of these standards, or part of one, benefits from a presumption of conformity with ESPR Articles 10 and 11 — but only to the extent that the standard covers those requirements. It helps demonstrate technical compliance; it is not a product certificate or automatic evidence of compliance with all EU law.
A company may use another technical solution, but must then demonstrate that it meets the legal requirements. Harmonised standards remain voluntary; the change is in the evidence burden, not in sector-specific obligations.
What the Decision does not change
- It does not create a DPP obligation for every product group; sectoral timing and data still come from the relevant delegated acts or sector-specific regulations.
- It does not mean that every product carrying a QR code is ESPR-compliant.
- It does not yet include the JTC 24 work on access rights, security, authentication and data integrity: FprEN 18239 and FprEN 18246.
- It does not replace the separate battery-passport rules. Article 77 of the Batteries Regulation still governs its QR code and identifier, and changing the standards named there requires a separate delegated act.
What companies should do now
- Map current identifiers, data carriers, archiving, APIs and data export against the six standard areas.
- Retain technical evidence and architecture decisions: the presumption follows actual conformity, not merely naming an EN number.
- Avoid claims of “full DPP compliance” unless the relevant sectoral requirements and remaining technical elements are also covered.