CEN-CENELEC Publishes Six Standards for the EU Digital Product Passport
CEN and CENELEC have published six horizontal standards for the EU Digital Product Passport. The EN 18xxx family defines identifiers, data carriers, exchange protocols, storage, APIs and interoperability, giving DPP projects a common technical foundation.
Horizontal Standards Define How a DPP Works
The standards were developed by CEN/CLC/JTC 24 under European Commission standardisation request M/604 and presented publicly on 25 June 2026. They translate the system-level requirements of the Ecodesign for Sustainable Products Regulation into modular technical specifications.
The standards are product-agnostic. They define how a Digital Product Passport is identified, accessed, exchanged, stored and interpreted. They do not determine which information an individual product must carry. These data requirements remain part of the delegated acts for specific product groups.
Six Published Standards Cover the Core DPP Functions
EN 18216:2026: Data exchange protocols
Defines protocols and machine-readable formats for exchanging DPP data securely and interoperably across systems. The standard is intended to support open data exchange without dependence on one supplier.EN 18219:2026: Unique identifiers
Specifies unique identifiers for products, economic operators and facilities. Product identification can be implemented at model, batch or individual-item level.EN 18220:2026: Data carriers
Defines requirements for the physical-to-digital connection, including optical 2D codes, RFID tags and NFC chips. It also addresses encoding, reading quality, error correction, durability and carrier placement.EN 18221:2026: Data storage, archiving and persistence
Covers storage, historical versions, backups and the long-term accessibility of product passport information.EN 18222:2026: APIs and lifecycle management
Specifies APIs for finding, resolving, retrieving and managing DPP information throughout the passport lifecycle.EN 18223:2026: System interoperability
Establishes semantic, technical and organisational rules so product information can be understood and reused across platforms, sectors and enterprise systems.
Two complementary security standards remain under formal vote until 16 July 2026. prEN 18239 covers access rights, information-system security and business confidentiality. prEN 18246 addresses data authentication, reliability and integrity.
From the Product Carrier to the DPP Data
A typical DPP interaction begins with the carrier governed by EN 18220. EN 18219 supplies the identifier, while EN 18222 defines the API and link-resolution layer. EN 18223 supports consistent interpretation, EN 18216 governs data exchange, and EN 18221 addresses storage and persistence.
The modular architecture allows individual components to be implemented or replaced separately. For system integrators and end users, this reduces dependence on proprietary end-to-end platforms and supports the combination of interoperable components.
Relevance for DPP Implementation Projects
System integrators can now map identifier schemes to EN 18219, data-carrier selection to EN 18220, and API and interoperability architectures to EN 18222 and EN 18223. For RFID and NFC providers, EN 18220 is the central standard for integrating wireless identification into the physical-to-digital link.
The standards themselves are voluntary. Once cited as harmonised standards in the Official Journal of the European Union, their correct application can support a presumption of conformity with the corresponding ESPR requirements.
Read more at: https://eudigitalproductpassport.org/updates/cencenelec-dpp-standards