Google isn’t forcing automatic encryption on OEMs yet

Mar 3, 2015 11:05 GMT  ·  By

Last year in September, when Android 5.0 Lollipop wasn't out yet, a report came in saying that Google’s new OS would bestow automatic encryption to any device running the platform, something in the vein of what Apple chose to do with the iOS 8 update.

But as more and more Android 5.0 Lollipop smartphones are being launched by various phone manufacturers, it is becoming increasingly clear that these products aren't encrypted by default.

So what happened? It appears that after the initial report announcing Google’s decision to bestow default encryption to its Lollipop-enhanced mobile devices, the search giant had a change of heart.

Is Google backing away from the decision? Quite unlikely

Optional encryption was offered by Google ever since 2011, but few users really knew how to turn the feature on.

Yet, we were told that when Android L came out, users were going to be confronted with some drastic changes. With encryption happening automatically, only those familiar with the device’s password were to be allowed access to the information stored on the device.

Which also translated into the fact that law-enforcement officials would have found it harder to access smartphone data without a user’s pass code, even if they had a valid warrant.

After the initial report, a confirmation from Google came in October, when the tech giant detailed Lollipop’s security features and wrote that “encryption will be enabled by default out of the box, so you won’t even have to think about turning it on.”

Even if the first Android 5.0 Lollipop devices, the Nexus 6 and Nexus 9, supported default encryption, the new slew of phones and tablets coming from third-party manufacturers obviously don't. As Ars Technica confirms, neither the Motorola Moto E (2015) nor Samsung’s Galaxy S6 supports this feature.

Google has relaxed the encryption policy for a very good reason

So what happened along the road? Well, it appears Google has subtly changed its full-disk encryption policy (in the Android Compatibility Definition document) saying that it only encourages third-party makers to support automatic-encryption on Lollipop devices, but it does not offer it itself. So it’s still up to the OEMs to make things work in this direction.

Finally, Google explains that this feature will be made mandatory in “future versions of Android.” Ooops.

Therefore, what’s the reason behind Google backing out of the situation? The answer has to do with the fact that automatic full-disk encryption put a toll on Nexus 6’s performance, to an extent that the handset was found to be laggier than the Nexus 5.

So, basically, Google is giving partners time to perfect things in the hardware department before making automatic encryption a must for their Android products. The theory sure makes sense, so what do you think about all this?