In Bitcoinica, the bitcoins are used as collateral to back up any losing positions, so they need complete control over them. If you could withdraw bitcoins on your own, you could simply run away with the money if you lose. Also, Bitcoinica used customer deposits as reserves for trading, so they cannot assign a dedicated wallet per customer.
If customer funds are not put to use but still need to be held, complex scripts might provide a partial solution. A customer-specific address can have a spending condition of (Service private key | Customer private key & Time > X). Then if the service is down without coins being stolen, the customer can still withdraw after a while; and if the service continues to function, they move it to a new address with a different time.
For an eWallet where funds don't need to be tied up, there may be even better solutions, for example (Service key & Customer key | Customer key & Time > X | Service key & Time > Y). This way, the eWallet cannot steal the coins; if it is down or hacked, the coins can be recovered eventually; the customer cannot double-spend, so it can use the service's green address; and the coins are still safe if the customer's key is lost or stolen.