Summary:The search giant will let phone makers decide whether or not to enable encryption-by-default, saying it will be considered for "future" versions of Android.
Phones and tablets running Android "Lollipop" will not have device encryption switched on by default, despite an earlier promise by the software maker.
Ars Technica first reported Monday the company's move to reverse its policy. Although all phones and tablets running Android "Lollipop" will support encryption, it will be the responsibility of the phone or tablet maker to decide how to implement it.
In an email to ZDNet, Google confirmed the decision but did not explain the reason for the apparent change in policy. Instead, encryption by default will be reserved for "future versions" of the mobile operating system.
Phones and tablets running Android "Lollipop" will not have device encryption switched on by default, despite an earlier promise by the software maker.
Ars Technica first reported Monday the company's move to reverse its policy. Although all phones and tablets running Android "Lollipop" will support encryption, it will be the responsibility of the phone or tablet maker to decide how to implement it.
In an email to ZDNet, Google confirmed the decision but did not explain the reason for the apparent change in policy. Instead, encryption by default will be reserved for "future versions" of the mobile operating system.
Although all phones and tablets running Android "Lollipop" will support encryption, it will be the responsibility of the phone or tablet maker in how to implement it.
For now, only Google's-own Nexus 6 phone and Nexus 9 tablet have device encryption enabled by default when the device is first switched on.
Non-Nexus device owners will have to enable the feature manually.
Google made headlines earlier this year after it said it would put the onus of device security in the hands of the phone or tablet owner.
"As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on," Google spokesperson Niki Christoff told The Washington Post in September.
A month later, Google reaffirmed the statement in a blog post, noting that the encryption would happen "at first boot" using an encryption key that "never leaves the device."
Apple was first to announce that the latest version of its mobile operating system iOS 8 would come with device encryption by default.
The decision by Google and Apple to enable encryption by default was slated to be in response to the Edward Snowden leaks; Google and Apple were named (along with many other Silicon Valley tech titans) as successful targets of the intelligence agency's activities.
But older devices upgrading to the new Android operating system, as well as new "Lollipop" devices rolling off the production lines, are reportedly not enabling the feature.
Ars Technica said Monday that the Samsung Galaxy S6, which runs the latest Android software, does not come with encryption switched on by default. (We checked the Moto E model which we reviewed late last month, and it also does not come with encryption switched on by default.)
Google did not comment on the record, but did cite its Android Compatibility Definition document, in which the company says encryption "should" be enabled after the device is taken out of the box.
"We expect this to change to 'must' in the future versions of Android," the document says.
It's not clear why the policy was changed. Ars Technica suggests (and cites multiple sources of data) that default device encryption caused severe performance issues. Some users upgrading older Nexus devices warned of "unusable" devices following the upgrade to the pre-release Android "Lollipop" software.
For now, only Google's-own Nexus 6 phone and Nexus 9 tablet have device encryption enabled by default when the device is first switched on.
Non-Nexus device owners will have to enable the feature manually.
Google made headlines earlier this year after it said it would put the onus of device security in the hands of the phone or tablet owner.
"As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on," Google spokesperson Niki Christoff told The Washington Post in September.
A month later, Google reaffirmed the statement in a blog post, noting that the encryption would happen "at first boot" using an encryption key that "never leaves the device."
Apple was first to announce that the latest version of its mobile operating system iOS 8 would come with device encryption by default.
The decision by Google and Apple to enable encryption by default was slated to be in response to the Edward Snowden leaks; Google and Apple were named (along with many other Silicon Valley tech titans) as successful targets of the intelligence agency's activities.
But older devices upgrading to the new Android operating system, as well as new "Lollipop" devices rolling off the production lines, are reportedly not enabling the feature.
Ars Technica said Monday that the Samsung Galaxy S6, which runs the latest Android software, does not come with encryption switched on by default. (We checked the Moto E model which we reviewed late last month, and it also does not come with encryption switched on by default.)
Google did not comment on the record, but did cite its Android Compatibility Definition document, in which the company says encryption "should" be enabled after the device is taken out of the box.
"We expect this to change to 'must' in the future versions of Android," the document says.
It's not clear why the policy was changed. Ars Technica suggests (and cites multiple sources of data) that default device encryption caused severe performance issues. Some users upgrading older Nexus devices warned of "unusable" devices following the upgrade to the pre-release Android "Lollipop" software.
