The New EU Digital Product Passport Registry Draft: What Companies Need to Prepare For

Disclaimer: This document is based on a draft version of the Implementing Regulation (Ref. Ares(2026)4424976). It has not been adopted or endorsed by the European Commission. The views expressed are preliminary and do not represent an official position of the Commission.

Based on the draft European Commission implementing regulation, the EU is establishing a central Digital Product Passport (DPP) registry to securely store unique identifiers and monitor product compliance. To register or update a DPP, companies must comply with strict new identity and data requirements.

As part of the Ecodesign for Sustainable Products Regulation (ESPR), the Digital Product Passport was introduced to provide easy access to digital information related to a product’s sustainability, circularity, and legal compliance. The new implementing arrangements now add a critical operational layer: mandatory registration, identity verification, and semantic validation. For many companies, this marks a significant shift. Digital Product Passports are no longer just about storing sustainability data but are becoming regulated digital infrastructure.

Verified Identities Become Mandatory for DPP Registration

One of the most important developments in the draft regulation is the introduction of strict identity verification requirements for economic operators and value chain actors. Under the draft, only “verified economic operators” will be allowed to register or modify Digital Product Passports in the EU registry. Verification requires high-assurance identity mechanisms such as:

• Qualified electronic seals (Q-Seals)

• Qualified electronic signatures

• Electronic Attestations of Attributes (QEAAs)

• eIDAS-compliant electronic identification methods with assurance level “high”

  
  

This is highly significant because it effectively connects Digital Product Passports with the emerging European Business Wallet ecosystem under eIDAS 2.0.

The regulation also introduces recurring verification cycles. Verified status will expire after a maximum of three years, requiring operators to repeat the verification process to maintain registry access.

Furthermore, the draft introduces automated semantic conformity checks before a Digital Product Passport can be registered. According to the draft, the Commission will automatically verify whether submitted DPPs contain the required mandatory information, comply with the required granularity levels, and use valid qualified electronic signatures or seals. 

What the New Registry Requirements Mean for Companies

The draft regulation makes clear that the DPP ecosystem is evolving into a regulated trust infrastructure. What started primarily as a sustainability transparency initiative is rapidly becoming a core compliance layer for companies within the European single market. 

Spherity helps companies operationalize Digital Product Passports in line with emerging EU registry requirements. Our Digital Product Passport (DPP) solution supports the entire product lifecycle, from rapid prototyping to full-scale. Integrating seamlessly with the EU Business Wallet, it also supports eIDAS 2.0 for secure identity and access control, and connects to trusted ecosystems like Catena-X and Manufacturing-X for interoperable, cross-company data exchange. ​

Read the White Paper: Preparing for the EU DPP Registry

The new registry draft introduces far-reaching implications for manufacturers, suppliers, and digital identity infrastructure providers, particularly around verified identities, semantic conformity, interoperability, and automated compliance validation. Our latest white paper provides a concise overview of the key requirements introduced by the draft regulation and outlines how companies can prepare for the next phase of Digital Product Passport compliance. Access the full white paper here.