The EU toolbox for e-commerce (COM(2025) 37): the digital product passport as a control tool in online marketplaces

Communication COM(2025) 37 is soft law: it does not create new obligations, it coordinates the existing framework against low-value imports. Its section 2.4 positions the ESPR digital passport as a control tool at customs.

• Communication COM(2025) 37 final (CELEX 52025DC0037) is soft law: it does not create new legal obligations; it coordinates the enforcement of the existing framework (DSA, GPSR, Reg 2019/1020, ESPR) against the surge of low-value imports (≤EUR 150).
• In 2024, 91% of consignments ≤EUR 150 entering the EU came from China, rising from 1.9 to 4.17 billion articles; Temu and SHEIN surpassed 75 million users in the EU [section 1].
• Critical point (section 2.4): "most physical goods placed on the EU market or put into service will require a DPP". The ESPR digital passport (Reg 2024/1781) is framed as a supervision instrument, not just one of transparency.
• The DPP central registry connects with the customs single window (EU Single Window, Reg 2022/2399): control shifts from ex-post physical sampling to ex-ante digital validation. Textiles are among the first groups of the ESPR delegated act (~2027).

What Communication COM(2025) 37 is

Communication COM(2025) 37 final, identified under reference CELEX 52025DC0037, is a strategic guidance document of the European Commission. Its legal nature falls within soft law: it does not legislate, it does not create new legal obligations and it does not impose direct requirements on economic operators. Its function consists in organising the interpretation and coordinating the enforcement of the existing regulatory acquis against the increase of imports sent directly to European consumers. The text diagnoses an operational tension at the Union's external borders: the market surveillance infrastructures face a volume of goods that overwhelms traditional customs controls.

The document bases its analysis on data from Community customs surveillance. Section 1 establishes that "In 2024, 91% of all e-commerce consignments with a value of up to EUR 150 that entered the EU came from China and their volume more than doubled between 2023 and 2024, rising from 1.9 billion to 4.17 billion articles". The EUR 150 threshold corresponds to the exemption from customs duties for low-value consignments. The text correlates this escalation with the expansion of third-country platforms: it names Temu and SHEIN, which reached more than 75 million users in the EU within a few months of 2024.

In the face of this reality, the Commission does not propose drafting additional directives. The premise of the document is that the Union's legal framework is comprehensive and sufficient to regulate the entire life cycle of an imported product. The deficit is located in the compliance architecture and in the coordination between national authorities. Therefore, the Communication functions as a manual for market surveillance authorities, customs administrations and digital-services coordinators to apply the rules jointly, abandoning isolated controls in favour of a systemic approach that penalises sellers who evade the costs of guaranteeing material quality and chemical safety.

The responsibility framework of online marketplaces

The control architecture that the Communication requires to be applied rests on the intersection of three hard-law regulations already in force. The first is the Digital Services Act (DSA, Regulation (EU) 2022/2065), which regulates the responsibility of intermediary-service providers. The DSA eliminates the liability exemption for online marketplaces when the consumer is induced to believe that the platform is the direct seller, and establishes proactive obligations such as the duty to know its business customer: collect the identity of traders, verify their registration data and require a self-certification of compliance before authorising marketing.

The second pillar is the Regulation on general product safety (GPSR, Regulation (EU) 2023/988), which shifts operational burdens to cross-border platforms. The GPSR obliges online-marketplace providers to designate a single point of contact for communication with market surveillance authorities, and to manage orders to remove dangerous products without undue delay. Non-compliance with these duties triggers national sanctioning regimes.

The third component is the Regulation on market surveillance and compliance of products (Regulation (EU) 2019/1020). Its Article 4 establishes that certain products subject to harmonisation legislation cannot be placed on the Union market unless there is an economic operator physically established in a Member State that assumes legal responsibility —manufacturer, importer, authorised representative or fulfilment-service provider—, acting as guarantor of the technical documentation and interlocutor before the authorities. The Communication orders these three regulations to operate as a unified matrix: the traceability of the seller in the interface (DSA), the removal of dangerous products (GPSR) and the presence of a legal operator on European soil (market surveillance) cease to be applied in isolation.

The DPP as a control instrument

Section 2.4 of the Communication, dedicated to improving supervision capacity through digital tools, is where environmental-sustainability policy connects with the enforcement of customs control. In this heading, the text frames the Digital Product Passport (DPP) established by the ESPR Regulation (Regulation (EU) 2024/1781) as a central instrument for the surveillance of e-commerce, and declares that "most physical goods placed on the EU market or put into service will require a DPP". This formulation positions the passport far from its original conception as a mere vector of ecological transparency, positioning it as a technical entry barrier to the single market.

The legal architecture of the ESPR underpins this projection. Article 9 conditions the marketing or putting into service of the regulated products on their having a digital passport available and compliant. The Regulation further provides for a centralised digital registry that stores the unique identifiers of the product, the economic operator and the facility, not the complete passport. The operability of border control is consolidated in the interconnection between that registry and the Union's single-window environment for customs (EU Single Window, established by Regulation (EU) 2022/2399).

The Communication projects the use of this infrastructure to curb irregular imports. Whoever intends to release for free circulation a regulated good will have to provide the customs authorities with the DPP registry identifier, which will be verified automatically against the central database before authorising physical entry. This integration allows risk profiles to be applied and non-compliant consignments to be halted systematically. The digital passport thus transforms ex-post customs control, based on physical sampling, into ex-ante digital validation: without the positive cross-check of data between the customs system and the ESPR registry, the article imported through an online marketplace is immobilised at customs.

Textiles as the first group and the closure of the asymmetry

The operational application of this control ecosystem begins with the fashion sector. The Ecodesign and Energy Labelling Working Plan 2025-2030 (COM(2025) 187 final) classifies textile products, with special attention to clothing and footwear, as the first priority in the category of final products, due to their potential for improvement in durability, material efficiency and reduction of climate impact and waste. The harm of the current model is quantifiable: the Communication itself notes that the garment industry loses close to EUR 12 billion in annual sales —5.2% of its turnover— due to the entry of products that do not comply with the standards.

The inclusion of textiles in the first wave of ESPR delegated acts responds to a motivation of competitive balance. The current asymmetry harms European manufacturers and traditional importers, who bear the costs of the acquis on chemical toxicity (REACH) and of contributions to the extended-producer-responsibility systems. Meanwhile, direct shipment from third countries de facto circumvents these barriers through the splitting of cargo and the use of the EUR 150 de minimis threshold. Section 2.1.2 of the Communication addresses this mismatch and argues the need to reform the system to ensure that "e-commerce actors from outside and inside the EU would be subject to the same rules".

The digital passport operates in this context as an equalising mechanism. By configuring compliance with ecodesign parameters as a technical condition for clearing customs, the ESPR cancels the competitive advantage of deregulation at origin. A non-EU manufacturer marketing garments through a cross-border platform will have to collect the same chain of data —composition, recycled content, substances of concern, durability— as a brand based in the Union. Without the injection of those data into the identifier linked to the central registry, the consignment will be blocked: the same burden of proof falls on the unit sent by express courier as on the container cleared by maritime transport.

Calendar and what to watch

The transition towards this ex-ante control scenario requires watching the legislative calendar. The ESPR parent Regulation (2024/1781) entered into force on 18 July 2024, but its effective application depends on the sequential adoption of delegated acts. The most relevant milestone is the first ESPR working plan, published in April 2025 (COM(2025) 187 final), which sets the priority of the textile sector and starts the technical deadlines for developing the ecodesign criteria and the data requirements of the digital passport.

In parallel, the ESPR activates a mandate with closed deadlines that affects fashion. Article 25(1) prohibits the destruction of unsold consumer products listed in Annex VII —which includes clothing, accessories and footwear—. This ban acquires binding force on 19 July 2026 for large enterprises; medium-sized ones have an additional period until 19 July 2030, and micro and small enterprises are exempt except for the risk of circumvention. In turn, Article 24 obliges non-exempt companies to disclose annually the number and weight of unsold products discarded, with their reasons.

Regarding the enforceability of the digital passport, the specific delegated act for textile products has an adoption horizon set indicatively around 2027. The safeguard clause of Article 4(4) of the ESPR is essential: the application date of a delegated act will not be earlier than 18 months from its entry into force, except in duly justified cases. Operating with these margins, the strict requirement of the textile DPP at Community customs would materialise towards the end of the decade.

Analytical reflection

Communication COM(2025) 37 does not legislate, but it reveals the Commission's enforcement doctrine against cross-border algorithmic commerce. The text certifies that the Union has abandoned the strategy of pursuing individual non-compliant consignments through ex-post surveillance. The ineffectiveness of intercepting low-value parcels at destination has forced a turn towards the automatic denial of access at the digital layer. The digital passport ceases to be conceived solely as a consumer-oriented sustainability label to become, in practice, a customs-authorisation protocol.

The affirmation that most physical goods will require a DPP shifts the burden of proof towards the importer or the online marketplace. The administration no longer has to demonstrate that a product is dangerous or unsustainable through random tests; it is the commercial operator who must demonstrate conformity by injecting structured data into the Union registry before issuing the consignment. To understand the exact legal scope of these obligations it is worth reviewing the architecture of the textile digital product passport, which subjects this industry to the steepest adaptation curve of the European framework.

The supervision model requires brands, regardless of their size or distribution model, to maintain rigorous traceability of their supply chains. The viability of generating a passport per batch or article depends on a data integration with suppliers and assemblers in third countries. The timeline of the delegated acts that trigger these obligations is detailed in the ESPR Working Plan 2025-2030, and the discussion on a horizontal digital passport —beyond textiles— is addressed in the analysis of the horizontal DPP of the single market. The interconnection between the central registry and the customs single window ensures that any deficiency in the data serialisation results in the physical blockage of the goods.