Digital Product Passport Overview

Preamble

The concept of a Digital Product Passport (DPP) originates from the European Union’s Circular Economy Action Plan (CEAP) and is being formalized under the EU Ecodesign for Sustainable Products Regulation (ESPR). The idea originated in 2020's and legally proposed in 2022.

The EU Directive aims to ensure that every physical product placed on the EU market carries a standardized digital passport. This passport makes critical information about the product’s composition, sustainability, environmental impact, and repairability accessible across its entire lifecycle — from manufacturing and distribution to consumers, recyclers, and regulators.

Key milestones and facts:

The ESPR proposal was adopted by the European Commission in March 2022.
Initial focus sectors include batteries, textiles, electronics, and construction materials.
DPPs for these goods are expected to become mandatory starting in 2026–2027, phased by product category.
Each passport is intended to be accessible via QR code and hosted in a common EU registry.

⚠️ Important limitation:
As of today, the EU’s DPP framework applies only to physical goods in the context of circular economy and sustainability.

It does not yet apply to data products, AI products, software artifacts, or digital services.
However, many organizations and standards bodies are now exploring how the concept of a DPP could be generalized to other domains (e.g., financial data, AI models, digital twins) as a means of providing lineage, provenance, and trust signals.

This BPS-aligned DPP Core extends the concept into non-physical domains, providing a structured, interoperable way for Data Products, AI Products, and other digital assets to offer passports for discovery, onboarding, and regulatory oversight.

Purpose

The Digital Product Passport (DPP) is a complementary specification within the Base Product Specification (BPS) family.
Its goal is to provide a flattened, one-shot snapshot of product trust signals at the moment of discovery or onboarding.

Whereas:

PDS (Deployment Specification) describes how a product is provisioned and operated,
PROD (Semantic Specification) provides a linked-data knowledge graph for rich semantic queries,

…the DPP provides an integrated, consumer-ready view that can be inspected via QR codes, APIs, or product marketplaces without requiring further navigation or federated queries.

Core Concepts

Flattened Data

A DPP snapshot inlines data that would otherwise require dereferencing multiple URIs.
For example: lineage, provenance, schema, quality metrics, and policy outcomes are embedded within the DPP payload.
This ensures that when a consumer scans a QR code or calls the DPP API, all relevant signals are immediately available for UI rendering.

Inline vs ByRef

Each DPP section supports two complementary modes:

Inline — flattened, minimal, human-readable payloads for instant consumption.
ByRef — content-addressed URIs pointing to authoritative, larger artifacts (with hash, mediaType, and size).

A DPP producer MUST provide at least one of Inline or ByRef, and MAY provide both.

Sections of a DPP Core Snapshot

A DPP is divided into several trust-bearing sections. Each section supports Inline + ByRef:

Schema: Flattened schema snapshot; or URI to canonical schema file.
Lineage: Flattened graph of nodes/edges; or URI to detailed lineage graph.
Provenance: Flattened ETL/job execution runs; or URI to full provenance logs.
Quality: Flattened aggregates and recent metrics; or URI to full data quality series.
Policy Findings: Inline evaluation outcomes (Pass/Fail/Warn); or URI to detailed reports.
Knowledge Graph: Flattened JSON-LD @graph or triples; or URI to the full semantic product graph.

Lite vs Full DPP

Lite DPP
- Optimized for marketplaces, discovery, and casual inspection.
- Inline sections only, minimal footprint.
Full DPP
- Includes Inline and ByRef, enabling downstream validation, audits, and regulatory checks.
- Provides content-addressed links for provenance, lineage, and knowledge graph integrity.

Relationship to PROD and Knowledge Graphs

DPP: Consumer-facing, flattened snapshot, API-delivered, designed for offline use and UI rendering.
PROD: Semantic, linked, queryable knowledge graph (SPARQL/GraphQL endpoints).
Domain & Enterprise Graphs: Stitch together multiple PRODs into a larger connected knowledge graph, enabling reasoning and cross-product discovery.

The DPP is not a replacement for PROD but a complementary interface:

DPP = snapshot and evidence pack
PROD = semantic graph and reasoning space

Usage Patterns

Pre-Onboarding

Consumer scans QR code → calls DPP API → inspects Inline trust signals.
Helps answer: Who owns this product? Is it trustworthy? What’s its provenance?

Post-Onboarding

Consumer queries PROD for semantic insights, traverses enterprise KG.
Consumer/auditor uses ByRef URIs from DPP to pull deeper logs, lineage, or quality time series.
Regulators can verify integrity using hashes provided in DPP.

Summary

The DPP Core specification ensures that product trustworthiness is immediately accessible at the point of use.
It balances ease of access (flattened Inline data) with rigor (ByRef references to authoritative artifacts).

By embedding DPP into the BPS family, we ensure that every product class (Data, AI, Physical, etc.) can provide a standardized trust passport for discovery, onboarding, and regulatory oversight.

Preamble​

Purpose​

Core Concepts​

Flattened Data​

Inline vs ByRef​

Sections of a DPP Core Snapshot​

Lite vs Full DPP​

Relationship to PROD and Knowledge Graphs​

Usage Patterns​

Pre-Onboarding​

Post-Onboarding​

Summary​