In the past, Google has made it a requirement for Android devices shipping with Lollipop to be encrypted by default. However, as it turns out, this is no longer the case; at least, for now. People started noticing about this change as they discover that encryption was not turned on by default on Android devices that came with Lollipop out of the box.
Apparently, Google has made a minor adjustment to the Android Compatibility Definition document (PDF), which lines out the requirements that smartphone manufacturers must follow to develop Lollipop devices that are approved by Google. Here’s the relevant part of the document:
If the device implementation has a lock screen, the device MUST support full-disk encryption of the application private data (/data patition) as well as the SD card partition if it is a permanent, non-removable part of the device. For devices supporting full-disk encryption, the full-disk encryption SHOULD be enabled all the time after the user has completed the out-of-box experience. While this requirement is stated as SHOULD for this version of the Android platform, it is very strongly RECOMMENDED as we expect this to change to MUST in the future versions of Android.
In short, manufacturers are not required to enable encryption by default yet for this version of Android, which is Android Lollipop. They are, however, required to ensure that their devices support encryption, which has always been the case for older versions of Android as well.
Google has not given any statement in regards to this amendment to the requirement yet, but seeing as how full device encryption affected the performance of the Google Nexus 6 by a huge margin, it’s a good move nonetheless. Hopefully, when encryption is required to be enabled by default, it would not have such an undesirable effect.
(Source: Ars Technica)
