Today’s edition is on the house…….Enjoy

Two mandates, one turning point

Fifty years ago, a packet of chewing gum scanned at a Marsh supermarket in Troy, Ohio inaugurated the barcode era. The UPC that emerged from that moment has since been printed on hundreds of billions of products, and it has done exactly one thing: encode a twelve-digit number for a price lookup. That narrow purpose was always a feature as much as a limitation. Simplicity drove universal adoption.

That era is ending. Two separate but deeply complementary initiatives are reshaping the information layer of global retail simultaneously: GS1 Sunrise 2027, the global industry-led transition to 2D barcodes at the point of sale, and the EU Digital Product Passport (DPP), a legally-binding regulatory framework that turns product data transparency into a compliance requirement for the European market. Together, they represent the most consequential standards shift in retail technology since the barcode itself.

GS1 Sunrise 2027: the mandate decoded

GS1 Sunrise 2027 is an industry-coordinated initiative, not a government regulation, but that distinction is narrowing by the month. The goal is straightforward: by December 31, 2027, every retail point-of-sale system globally must be capable of scanning and processing 2D barcodes — QR codes built to the GS1 Digital Link standard, or GS1 DataMatrix codes — alongside traditional 1D formats.

The practical pressure comes not from GS1 itself but from major retailers. Walmart, Target, Kroger, Woolworths, and more than 60 other chains have committed to piloting or requiring 2D scanning. When the largest retailers in your category tell suppliers to ship 2D-ready products, voluntary becomes commercially mandatory. Tesco became the first major UK supermarket to formally replace EAN codes with QR codes in April 2026, a milestone that signals the transition is no longer theoretical.

The minimum requirement under Sunrise is that POS systems can extract the GTIN from a 2D code. But that floor is a starting point. The real value proposition is what comes next: a single code that can carry batch numbers, expiration dates, serial numbers, URLs, and any GS1 Application Identifier data the brand or manufacturer chooses to include.

The dual-barcode transition period

GS1 is explicit about one key operational reality: the 1D barcode is not being switched off. Until 90% of POS scanning infrastructure is 2D-capable, manufacturers must run both codes on packaging. This dual-label requirement has packaging, print quality, and cost implications that many brands are still underestimating. GS1’s official guideline requires that the QR code sit adjacent to the existing UPC so that retailers who have not yet upgraded scanners do not miss a scan.

The 90% threshold is significant because it means the old barcode will likely remain on packaging through at least 2028 or 2029 for most product categories, even if retailers hit the 2027 scanning readiness target. Brands treating Sunrise as a packaging redesign project will encounter this reality quickly; it is, in fact, a data infrastructure project that happens to touch the package.

EU Digital Product Passport: what the regulation actually requires

Unlike Sunrise 2027, the Digital Product Passport is binding law. It sits inside the EU’s Ecodesign for Sustainable Products Regulation (ESPR), Regulation EU 2024/1781, and applies to any product sold in the European market regardless of where it is manufactured. An American brand selling electronics through an EU-based marketplace, a Chinese apparel supplier shipping to a German retailer: both are in scope.

The DPP is a structured digital record — accessible via QR code, NFC, or RFID attached to the physical product — that documents a product’s materials, manufacturing origin, carbon footprint, repairability, recyclability, and end-of-life guidance. It must remain accurate and accessible throughout the product’s lifecycle, not just at the point of first sale.

Importantly, the EU Central DPP Registry is scheduled to go live on July 19, 2026. From that date, manufacturers of in-scope product categories can begin registering product data. The registry’s launch gives companies approximately seven months to begin populating compliant passports before the first hard enforcement deadline.

Product categories and enforcement dates

Key Milestones: A Unified Timeline

Impact on the retail industry

The scale of operational change these two initiatives demand is broadly underestimated. On the Sunrise side, more than 60 major retailers have committed to piloting or requiring 2D barcode scanning at POS, with Walmart, Kroger, and Woolworths among those already testing 2D-enabled checkout lanes. Yet the ecosystem of mid-market and regional grocers, pharmacies, and specialty chains has barely begun infrastructure assessments. On the DPP side, the EU Central DPP Registry opens July 19, 2026 — giving manufacturers in scope categories a fixed and immovable starting gun that many have not yet planned around.

Sunrise 2027 is not just a compliance exercise. By encoding batch numbers, expiry dates, and serial data directly in the scanned code, 2D barcodes address operational problems that have cost retailers significant margin for decades: expired product on shelf, slow recall execution, and inventory visibility gaps throughout the supply chain.

Technology changes required

The technology investment these mandates require is broad and touches infrastructure layers that retailers have not overhauled in a decade or more. GS1’s own implementation guideline notes that Sunrise 2027 “will require software upgrades and may require equipment upgrades if the POS scanner is not already imager capable.” The phrase “may require” is doing significant work; the reality for most legacy scanner estates is that equipment replacement is unavoidable.

POS scanner hardware

Traditional laser scanners read 1D barcodes only. 2D scanning requires optical imager-based hardware. Retailers must audit their entire estate — checkout, self-scan, handheld, back-of-house — and identify which units are imager-capable versus requiring replacement. Coordination with hardware and software vendors is essential because not all imaging scanners are automatically Sunrise-compliant.

POS and ERP middleware

Reading the 2D code is only half the problem. POS and ERP systems must parse the GS1 Digital Link string and extract the GTIN, expiry date, batch number, and any additional Application Identifiers. A hardware upgrade without a middleware update leaves richer data on the floor. Most legacy POS middleware was built around 12-digit GTIN lookups and needs significant extension.

Product data management (PIM)

The DPP requires structured, verified, lifecycle-accurate data for every in-scope SKU. Organizations without a robust Product Information Management system will find manual data collection unsustainable at scale. Suppliers and retailers must define data ownership clearly: who maintains fiber composition records, who updates the carbon footprint when manufacturing changes, and who controls the consumer-facing URL content the QR code resolves to.

Packaging print infrastructure

2D barcodes require higher print resolution than 1D codes. Manufacturers printing expiration dates and batch numbers dynamically — essential for fresh food — need variable-data coding systems capable of generating GS1-compliant 2D codes at line speed. Pre-printed packaging cannot accommodate dynamic data, making online coding technology the required upgrade path for perishable categories.

DPP registry and data hosting

The EU Central DPP Registry opens July 19, 2026, and requires manufacturers to register product data in a machine-readable, internationally standardized format. The technical standard references GS1 Digital Link with GTIN as the recognized identifier pattern under ESPR. Organizations will need API integration between their internal product data systems and the registry, plus ongoing data governance to keep passport records current.

Supply chain data exchange

Both initiatives demand upstream supplier data that many retail buyers have never systematically collected. Lot numbers, manufacturing locations, carbon data, material certifications — this information has to flow from Tier 1 and Tier 2 suppliers through to the retailer’s systems. EDI and supplier portal upgrades are frequently the longest lead-time item in a Sunrise/DPP readiness program.

The GS1 Digital Link convergence

One technical reality that simplifies the dual-mandate problem is that GS1 Digital Link is the recognized product-identifier standard under both frameworks. The same QR code that resolves to a price lookup at a retail POS can resolve to a DPP data record for a regulator, a sustainability summary for a consumer, or a recycling instruction page in the appropriate language for any market. The code is physically printed once. What it shows depends on who scans it and from which system.

This convergence means that retailers and brands investing in GS1 Digital Link infrastructure are simultaneously building the technical foundation for DPP compliance in EU markets. The challenge is that this single-code approach requires more sophisticated backend architecture than either initiative demands individually: the resolver must be maintained, the data it points to must stay current, and the access rules for different audiences must be correctly configured.

My Final Thoughts……..

The retailers and brands that will be best positioned in 2028 are those that have stopped thinking about Sunrise 2027 and the DPP as separate compliance projects and started treating them as the foundation of their product data infrastructure for the next decade.

The commercial risk of non-compliance with Sunrise is concrete: retailers requiring 2D-ready products will deprioritize, delist, or charge back products that arrive without compliant codes. The regulatory risk of DPP non-compliance in EU markets is market exclusion through CE marking denial for in-scope categories. Neither consequence is theoretical by 2027.

The upside case is equally real. The same data infrastructure that satisfies a GS1 scanner at Kroger and an EU DPP regulator also powers anti-counterfeiting programs, enables dynamic markdown and waste reduction at POS, supports direct consumer engagement through a smartphone scan, and provides the traceability layer that verifiable sustainability claims require. This is not the story of a barcode swap. It is the story of retail finally building the product data layer it has needed for twenty years.

Time to begin: now. Most hardware procurement, ERP middleware upgrades, and supplier data onboarding programs require 12 to 18 months of lead time. For the December 2027 deadline, the effective last date to initiate a full infrastructure program without extraordinary cost is the end of 2025 — a window that has already closed for organizations that are still assessing.

Sources: GS1 Global Industry Endorsement Statement (June 2024) • GS1 2D in Retail POS Implementation Guideline • EU ESPR Regulation 2024/1781 • EU Battery Regulation 2023/1542 • EU ESPR Work Plan (April 2025) • GS1 DPP Provisional Standard • CIRPASS-2 EU DPP Core Ontology (March 2025)