The eSIM Deprovisioning Dilemma: Deleting Isn't Always Deleting

When you tap 'Delete eSIM' on your device, the action feels definitive — a single tap and the profile vanishes from your settings menu. But what actually occurs beneath the surface is far more nuanced. The eSIM deletion process triggers a local removal of the eSIM profile from your device's embedded UICC (eUICC), but this action does not automatically notify the carrier. Your International Mobile Subscription Identity (IMSI) and Integrated Circuit Card Identifier (ICCID) remain active in the carrier's Home Location Register (HLR) until explicitly deactivated. This means your number can still receive calls, your data plan may continue to bill, and your digital identity persists in carrier systems. The illusion of deletion is a user experience convenience that masks a complex backend reality most consumers never see.

Even after you delete an eSIM profile locally, carriers retain significant data tied to your subscription. Under GSMA's SGP.22 specifications, the Subscription Manager Data Preparation (SM-DP+) server — the platform that delivered your eSIM profile — maintains records of all provisioning and deprovisioning events. Many carriers keep these records for months or years, citing regulatory compliance, fraud prevention, and billing reconciliation. In the European Union, GDPR grants users the 'right to erasure,' but telecommunications data often falls under separate retention mandates requiring carriers to store subscriber information for periods ranging from 6 months to 10 years depending on the jurisdiction. Your deleted eSIM leaves behind a data trail that includes location pings, connection timestamps, and usage patterns — a digital ghost that can resurface in unexpected ways.

The gap between local deletion and carrier-side deprovisioning creates a security vulnerability that few users anticipate. If a deleted eSIM profile's credentials remain valid on the carrier side, a sophisticated attacker with access to the SM-DP+ server or the ability to intercept provisioning messages could theoretically re-download the profile to a different device. This is not a hypothetical concern: in 2023, security researchers at SRLabs demonstrated that certain eSIM implementations allowed profile reactivation on unauthorized devices when proper deprovisioning protocols were not followed. The risk is compounded when selling or recycling a phone. Even after a factory reset, the eUICC's Issuer Security Domain (ISD) may retain cryptographic keys that, if not properly purged, could be exploited. Always perform a full eSIM profile deletion and request explicit deprovisioning confirmation from your carrier before parting with any device.

When traveling internationally, many users purchase local or regional eSIM plans for short-term use, then delete them upon returning home. But cross-border deprovisioning introduces unique complications. Different countries have vastly different telecommunications regulations governing data retention, and a profile issued by a carrier in one jurisdiction may be subject to retention rules that conflict with your home country's privacy expectations. Furthermore, some international eSIM providers operate as aggregators, reselling capacity from multiple underlying carriers. When you delete a profile from such a provider, the deprovisioning request must cascade through multiple backend systems — and at each step, there is potential for failure or delay. Users have reported cases where 'deleted' international eSIMs continued to generate roaming charges months later because the profile was removed locally but never fully deprovisioned from the wholesale carrier's infrastructure.

To ensure your eSIM profile is truly gone, follow a systematic deprovisioning process. First, contact your carrier directly — do not rely solely on in-device deletion. Request written confirmation that your subscription has been terminated and the associated eSIM profile has been deprovisioned from the SM-DP+ server. Second, before selling or disposing of a device, navigate to your eSIM settings and delete all profiles, then perform a full factory reset. For enterprise users managing fleets of eSIM-enabled devices, implement a formal deprovisioning policy using GSMA's SGP.32 IoT eSIM specifications, which include mandatory profile deletion notifications between the eUICC and the SM-DP+. Third, for privacy-conscious users, consider requesting a Subject Access Request (SAR) under GDPR or equivalent local legislation to verify what data your carrier retains after deprovisioning. The convenience of eSIM comes with the responsibility of understanding that deletion is a process, not a button — and that process requires engagement with the carrier ecosystem you may have hoped to leave behind.