Despite initial promises by Google, and rival Apple implementing the technology in iOS 8 last September, new devices loaded with Android 5.0 Lollipop are not using default full-disk encryption meant to prevent criminals, police, and spy agencies from getting unauthorized access to private data.
In September, Google stated that all devices launching with Lollipop pre-installed would have encryption on "out of the box," according to ArsTechnica. The company echoed this sentiment in October, mentioning that user data partitions would be encrypted "at first boot." Indeed the latest first-party Android devices — the Nexus 6 smartphone and Nexus 9 tablet — are shipping with encryption activated.
Third-party Lollipop devices are being announced at this week's Mobile World Congress in Barcelona, but Ars observes that phones like the 2015 Moto E and Samsung Galaxy S6 aren't being fully encrypted automatically. Google instead appears to have altered its policies, stating in the most recent Android Compatibility Definition document (PDF) that while new devices must be capable of supporting full-disk encryption and should ideally have it on out-of-the-box, the company only expects to make default encryption mandatory in "future versions of Android."
Google may be backtracking because of complaints about the performance of the Nexus 6. Reviews have commented that with full-disk encryption on, the device can sometimes be slower than 2013's Nexus 5. The company may therefore be postponing default encryption as a standard until hardware vendors have memory and processors that can cope.
Both Apple and Google have pledged to improve device security in the wake of revelations from former National Security Agency contractor Edward Snowden, who exposed the vulnerability of many devices to external intrusion. The NSA was shown to have methods and programs for scooping up masses of personal data, even from people not accused of any crime; the agency secured cooperation from major American technology corporations. In theory Apple and Google's new encryption schemes are so secure that even they can't help spy or police agencies break through them.