Further demonstrating its commitment to encryption, Google has decided to make full-disk encryption mandatory for new smartphones and tablets running on the latest version of Android. If this sounds familiar, it’s because the company did the same thing with Android 5.0 last year, but ended up changing it from mandatory to strongly recommended. Now it’s going back to the mandatory encryption policy with Android 6.0 by requiring OEMs to enable full-disk encryption by default on devices that support it.
Last year, with Android 5.0 Lollipop, Google had decided to make Encryption mandatory. And encrypted the Nexus 6 and Nexus 9. However, they had later decided to “strongly” recommend it for their partners. Google has released a new version of the Android Compatibility Definition Document which is a document that defines compatibility with other devices that partners can use for their Android-powered devices. It’s really a behind-the-scenes document that none of us will ever really see. In the latest version of the Android Compatibility Definition Document, Google changed the portion about encryption to read as: “For device implementations supporting full-disk encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience.” So this means that full-disk encryption is mandatory, and it must be done before the setup process is complete. That being the process you go through after opening the box and turning on your brand new phone.
