Google relaxes mandatory Android Lollipop encryption policy

Nexus 6 running Android Lollipop

After having announced last year that new Android devices shipping with Lollipop would come with full disk encryption, Google is now quietly relaxing its policy. Although prior versions of the Android operating system used on popular smartphones and tablets today supported optional encryption, Google's policy would have required manufacturers to turn encryption on when devices ship.

When Lollipop, also known as Android 5.0, was announced, Google spokesperson Niki Christoff said in an interview with The Washington Post: "As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on."

Separately, Google detailed that encryption of the user data partition would occur at first boot.

Change in policy

But somewhere between Google's original announcement of Lollipop in September 2014 and today, the Android OS-maker changed its policy from making encryption a requirement to something that is "very strongly recommended."

"For devices supporting full-disk encryption, the full-disk encryption should be enabled all the time after the user has completed the out-of-box experience," Google specifies in its Android Compatibility Definition document. "While this requirement is stated as should for this version of the Android platform, it is very strongly recommended as we expect this to change to must in the future versions of Android."

Google hasn't commented on why it's reverting back to its old policy for device encryption, but Ars Technica speculates the decision may be related to performance. The site postulates that performance in certain tasks is slower on the Nexus 6 compared to the Nexus 5 due to encryption.

"The performance problems can be offset by using faster flash memory, faster file systems like F2FS, and chips that are better at encrypting and decrypting data quickly, but phones and tablets take long enough to design that OEMs will need time to make these changes," Ars Technica's Andrew Cunningham writes.

For now, consumers who use an Android phone or tablet running Android Lollipop should turn on encryption themselves if they want a more secure mobile computing experience. On most Android devices, you can go to settings, security, and then choose to encrypt your phone.