My local electric utility PG&E has a low tech solution for their Smart meters. If you want to activate the remote sensor you fill out this form and wait 5 days for your "HAN eligibility code".
Well.. it turns out that submitting this form emails customerservice@pge.com with the information (and cc's the person filling out the form). A quick check reveals that it posts to '/cgi-bin/pgemail.pl' with the included account number and other personal information.
I wonder how they'll send me this super secret code? Email too? But don't worry it's secure, they have "PKI certificates using Certicom Elliptic Curve Qu Vanstone (ECQV) technology."