The Digital Product Passport: Built Before It Is Defined
The passport’s technical machinery is arriving on schedule while textile content rules slip, leaving brands building against a moving target.
Before this decade ends, most clothing sold in the EU will carry a small code that opens a file on the garment behind it: what it is made of, where it was made, how it can be repaired, and what should happen to it after its last wear. The file is the Digital Product Passport, created by the EU’s Ecodesign for Sustainable Products Regulation. In June 2026 the project sits in an odd position. The technical machinery is arriving on schedule, while the rules on what a textile passport must contain have slipped toward 2027 and will not bind most companies before 2028. The industry is being asked to build the pipes before anyone says what will flow through them.
A file that travels with the garment
The passport is a digital record tied to a physical product through a data carrier: a QR code, an NFC chip, or an RFID tag. The carrier itself holds almost nothing. It is a doorway to data stored elsewhere, and the design’s central idea is that one file serves several readers, each seeing a different slice. The ESPR names those readers: consumers, professional repairers, recyclers, resale operators, customs, and market surveillance authorities. A shopper scanning a hangtag sees composition and care guidance. A repair workshop sees construction details. A sorting facility sees the material data that decides whether a coat becomes fibre again or fuel. A customs system sees declarations of conformity. The cycle below follows one passport through the moments of use the regulation provides for, from production to recovery.
One law, many pieces
The legal construction is simpler than its vocabulary. The Ecodesign for Sustainable Products Regulation (ESPR), Regulation (EU) 2024/1781, in force since 18 July 2024, is a framework law: it creates the passport as a legal object and writes the rules common to every product category. The content of each category’s passport arrives later, through a delegated act, a separate piece of law the Commission drafts per product group. Think of the ESPR as a constitution and the delegated act as the chapter on clothes; until the chapter is written, brands know the passport is coming without knowing what goes in it.
Inside the ESPR, a handful of articles carry the weight; the table below maps all seven. Two decide more than the rest. Article 13 creates the central EU registry and is the piece vendors oversell most often: the registry stores identifiers only and works as a routing layer, while the product data stays on systems run by the brand or its provider. Article 22 is the one smaller companies will lean on: it promises proportionate pathways and support measures, and the duty itself stays.
One neighbouring law changes what the passport is worth. Directive (EU) 2024/825, the Empowering Consumers for the Green Transition Directive, will ban generic environmental claims such as “eco” or “climate neutral” from 27 September 2026 unless recognised proof stands behind them. From that date a sustainability claim needs an evidence trail, and the passport is built to be that trail. The two laws arrive separately and meet on the same hangtag.
The dates that matter
The calendar splits into two tracks, and the timeline below separates them. The infrastructure track is fixed and close: the first six technical standards were published on 27 May 2026, the EU registry must be operating by 19 July 2026, and the first live passport arrives on 18 February 2027, when the Battery Regulation (EU) 2023/1542 makes passports mandatory for batteries placed on the EU market. Batteries go first, and the textile system will inherit whatever that first run teaches about registries and large-scale data flows.
The content track moves. The Commission’s ESPR Working Plan, adopted on 16 April 2025, put textiles in the first group of product categories, with the textile delegated act foreseen in 2027 and obligations applying after a transition period. That places enforceable textile requirements in 2028 at the earliest, and the pattern of slippage so far argues for later.
Who has to comply
Any company placing textile products on the EU market falls inside the system, wherever its production happens. The obligation attaches to roles along the chain: the manufacturer when it sits in the EU, otherwise the importer or an authorised representative the foreign producer appoints inside the Union. A brand selling into Europe through wholesale or a marketplace should assume that someone in its chain will carry the legal duty and will come asking for product data. Article 22 promises smaller companies proportionate pathways and support measures; the duty itself stays.
France already runs a working version. Decree 2022-748, adopted under AGEC, France’s 2020 anti-waste law, requires environmental disclosure for consumer products, and since 1 January 2024 its thresholds reach every producer with more than 20 million euros of turnover from covered products and more than 10,000 units placed on the French market in the previous year. The two figures below matter beyond France, because they show how a regulator decides who feels a disclosure rule first, and they give textile brands a preview of the data discipline the EU passport will demand.
What goes inside the passport
No one can list the final textile data fields yet; the delegated act will set them. What exists is the method that will produce the list. The Joint Research Centre, the Commission’s in-house science service, published that method in March 2026 as report JRC145830, and the textile act is expected to be drafted line by line against it.
Every passport rests on unique identifiers covering the product, the company behind it, and the site that made it. Around those sit the data categories: what the product is, what it is made of including recycled content, which substances of concern it contains and where they sit, how durable and repairable it is, what a recycler needs at end of life, and pointers to information other EU laws already collect. The JRC applies one test to every candidate field: name the user who needs it and the decision it serves, or it stays out. Fields that pass are sorted into tiers running from essential to voluntary, set out in the table below. Where data already exists under REACH or the EU Ecolabel, the passport links to it, so nothing is reported twice.
One passport per model, per batch, or per garment?
The quietest open question is the most expensive one. A passport can describe a model, where every garment of one style shares a file; a batch, where one production run shares it; or an item, where each physical garment carries its own. The ESPR allows all three and leaves the choice to each delegated act.
The choice decides what the passport can do. A repair can only be logged against a specific garment. A resale listing can only carry verified history if the history belongs to one item. Recycling improves when the file describes the actual piece in hand. Item level is where the circular use cases live, and it is also where the record count explodes: a mid-sized brand moves from thousands of model files to millions of item files, each needing data someone must supply. Who may write to a passport after sale, the owner, the brand, or a repairer, is a further question the delegated act has yet to answer.
The institutions preparing the system disagree. CIRPASS-2, the Commission-funded pilot programme running from May 2024 to April 2027 with 49 partners and 13 pilots, has built toward item-level identification as the system’s destination, since unit data is what resale and repair functions run on. The JRC’s 2026 methodology pushes the other way, treating granularity as a principal cost driver and warning against requirements that depart from current industry practice. The Commission will settle the question in the delegated act, and the economics point toward a split outcome: batch level as the floor where no unit-level business case exists, item level where resale, rental, repair, and luxury authentication already pay for unit tracking. The heatmap below sets out what each level enables and what it costs.
How a scan travels
The wiring already has a shape. A scan reads an identifier from the carrier. The EU registry confirms that the identifier exists and routes the request onward, holding no product data of its own. The data sits on a platform the brand operates or rents, and from there the path forks: a person receives a readable page, while customs systems, recyclers, and other approved actors pull structured data through standard interfaces.
The standards behind that wiring landed this spring. CEN and CENELEC, the European standardisation bodies, published the first six DPP system standards on 27 May 2026, covering identifiers, carriers, data exchange, storage, interfaces, and interoperability; standards for access rights and authentication remain in final draft, expected later in 2026. The table below lists all eight. On paper these documents are voluntary. In practice, once the Commission cites them in the Official Journal, building to them grants a presumption of conformity with the ESPR’s technical requirements, the legal shortcut that turns a technical document into the rulebook every vendor follows. Interoperability, the least glamorous word in the series, is the commercial protection: any authorised system can read any passport, and a brand that switches providers keeps its data.
What it costs and where it hurts
The visible part is cheap: a printed code on a care label. The expensive part is everything the code points to. Most brands hold verified data on their direct suppliers and little beyond them, and the passport asks for the layers they do not see: fibre origin, facility identity, substance locations, process-level information, all of it attributable and checkable. The Commission’s preparatory project CIRPASS tried to price this in its 2024 study on SME costs and benefits and could not: the providers it interviewed declined to give figures for commercial reasons or did not yet know them. The study’s clearest finding is the choice smaller companies will face, building the capability themselves or delegating it to a passport-as-a-service provider, and a market is already forming around that gap. The JRC’s 2026 methodology treats the volume and granularity of data collection as the system’s main cost variable, and its warning, set out below, is the closest an EU institution has come to naming the risk.
Verification raises the bar further. A typed claim of recycled content will need certification or authenticated evidence behind it, because the same data may have to survive a claim challenge under Directive 2024/825 after September 2026. When something fails, Article 74 of the ESPR sends enforcement to Member States, which set their own penalty levels; fines and exclusion from public procurement are both among the instruments. No company yet knows its number on either side of that ledger. The CIRPASS-2 pilots running through April 2027 are the closest thing the sector has to price discovery, and the delegated act that follows them will be written with their cost data on the table.
Sources↓
Regulation (EU) 2024/1781 (Ecodesign for Sustainable Products Regulation), 2024.
European Commission, ESPR Working Plan 2025-2030, adopted 16 April 2025.
European Commission Joint Research Centre, JRC145830, Methodology for defining data requirements for the Digital Product Passport, 2026.
CEN-CENELEC JTC 24, EN 18216, EN 18219, EN 18220, EN 18221, EN 18222, EN 18223, published 27 May 2026; FprEN 18239 and FprEN 18246 in final draft.
Regulation (EU) 2023/1542 (Batteries and Waste Batteries), Article 77, 2023.
Decree 2022-748 under the AGEC law, France, 2022; thresholds in force from 1 January 2024.
Directive (EU) 2024/825 (Empowering Consumers for the Green Transition), 2024.
CIRPASS Consortium, A study on DPP costs and benefits for SMEs (D5.2), March 2024.
CIRPASS-2 project, May 2024 to April 2027.
Related on Prefall
