In a surprise move, the GSMA today announced that it will standardize a new form of embedded SIM. This will allow remote activation and updates. The spec will be ready in January 2011. No word yet on whether or not the IMSI will be changeable after initial activation. This is however a complete reversal from the GSMA's position from the past:
Appendix A of 3GPP TR 33.812 V9.2.0 lists the opinion of the GSMA as
[…]Furthermore, one of the major concerns of MNOs is the potential weakening of the well-established and trusted SIM-based GSM/3G security architecture. Extended OTA (any kind and via any bearer of over the air data download to the USIM) capability to facilitate download of new subscriber keys and possibly authentication algorithms represents such a potential weakening of security.[...] not allowing MNOs to fulfil their obligations towards regulatory and other governmental authorities to guarantee secure authentication and billing.
[…]The only proposal in the TR that was acceptable to GSMA SG representatives was the Alternative 2 where operator change was performed by physical replacement of the UICC in the device.[…]
This would allow the likes of Apple to release mobile phones without removable SIM-cards. The biggest question is of course, why the GSMA changed its position and how much control they are willing to relinquish to the end-user, be they Apple or a smart metering company.
Though this will alleviate the problems I identified in my work on Machine to Machine communication, it's only 1 out of the 4 problems that I identified that now could be fixed (seeing is believing). Customers may be able to switch operators in the future, but roaming, national roaming and innovation, will probably still be limited.