Google reneges on its promise of encryption by default for Lollipop devices
Not wanting to be outdone by Apple, when it was announced that iOS 8 would encrypt data by default, Google felt compelled to follow suit. Back in September Google said that in Lollipop "encryption will be enabled by default out of the box, so you won't even have to think about turning it on". But six months is a long time, and it now seems that Google has had a change of heart.
Well, as noted by Ars Technica, many of the Lollipop handsets appearing at MWC 2015 -- including the Samsung Galaxy S6 -- do not have encryption enabled. Of course there is nothing to stop users from manually enabling it, but that's not really the point; the idea was that you "won't even have to think about turning it on". So what gives?
It's all about performance. On-the-fly encryption and decryption eats up valuable processor time, and handsets took a hit in terms of speed. Take a look at a blog post from Google about the release of Lollipop from late October and you'll immediately notice references to "new security features protecting you, like encryption by default" and the assurance that "full device encryption occurs at first boot".
But scroll to the bottom of the post and you'll see that there's an addendum:
In September, we announced that all new Android Lollipop devices would be encrypted by default. Due to performance issues on some Android partner devices, we are not yet at encryption by default on every new Lollipop device. That said, our new Nexus devices are encrypted by default and Android users (Jelly Bean and above) have the option to encrypt the data on their device in Settings ---> Security ---> Encryption. We remain firmly committed to encryption because it helps keep users safe and secure on the web.
Such is the change of heart that full device encryption by default is no longer a requirement for partners according to Google's Android Compatibility Program document (section 9.9 on page 59) it's now optional:
If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data, (/datapartition) as well as the SD card partition if it is a permanent, non-removable part of the device [Resources, 107]. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android.
So there is still a requirement for Samsung et al to support device encryption, but there is no requirement for it to be enabled as initially promised. You'll notice that the Android Compatibility Program document was last updated in the middle of January -- Google didn’t publicize the change, and it's only now that people are starting to notice and question it.
Problems with performance and compatibility are quite reasonable reasons for delaying encryption by default, but Google's lack of transparency is worrying. Following Google's promises back in the latter end of 2014, anyone buying a new Lollipop device would quite reasonably expect that their device is encrypted -- and the uninitiated may not even bother to check. The balance between performance and security is one for users to make for themselves, but Google needs to be open and honest about what is going on.
Photo credit: Daniel Padavona / Shutterstock