Google Plans To Encrypt Android Data By Default - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices
08:06 AM
Connect Directly

Google Plans To Encrypt Android Data By Default

After Apple CEO Tim Cook talks up iOS8 data security, Google says the next version of Android will shield data on devices more effectively.

10 Ways Google Must Improve Android
10 Ways Google Must Improve Android
(Click image for larger view and slideshow.)

Following Apple CEO Tim Cook's declaration on Wednesday that Apple is unable to decrypt devices using iOS 8, Google let it be known that the next version of Android will shield data on devices more effectively.

Android has supported user-controlled device encryption since the debut of version 2.3.4 (Gingerbread), with improvements over the years. But now Google plans to turn device encryption on by default. A company spokesperson told the Washington Post, "As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on."

The next Android release is called "Android-L." No specific release date has been announced, but Google intends to deliver the update before the end of 2014, possibly as soon as October.

By turning device encryption on by default, Apple and Google are declaring their disinterest in surveillance-as-a-service. Government agencies often ask the companies to help them access data on smartphones seized in the course of investigations, when investigators cannot access that data on their own. When authorities make such demands in accordance with valid legal process, companies must provide whatever data they can access. Default device encryption means Apple and Google will be unable to assist authorities with data on devices, whether they want to or not.

[Will these move influence sales of wearables? Read Android Wear to Beat Apple Watch?]

"What is so interesting and smart about this move is that rather than [Apple] telling the government that they no longer want to help the government, they re-architected iOS so they are unable to help the government," Christopher Soghoian, principal technologist and senior policy analyst for the ACLU, wrote in a blog post. "Think of it as Apple playing a game of chicken, and the company has just thrown the steering wheel out of the window."

Google may find it harder to get credit for promoting privacy than Apple, because it's committed to collecting data about its users to help its advertising business -- a point to which Cook alluded. And as long as Google has accessible data, people will come asking for it. But Google deserves some credit. The company has already advanced online privacy in many ways, including its 2010 decision to enable HTTPS in Gmail by default, its Safe Browsing API, and its Transparency Reports, among other related initiatives. Apple's advantage is that it's in the hardware business, rather than the information business.

In any event, both companies, along with others in the technology industry, stand to benefit by embracing ignorance of customer data. By doing so, they should be able to mitigate the mistrust of cloud computing created by Edward Snowden's revelations about the scope of government-backed surveillance. Yet putting users in control of device data will only get them halfway there.

Neither Apple nor Google provides user-controlled encryption, by default or choice, in iCloud or Google Drive. Apple does encrypt most iCloud data, except for Mail and Notes, but because the company controls the encryption keys rather than the customer, it can provide access if necessary. Google Drive files are not encrypted -- doing so would limit sharing and collaboration -- but there are third-party file encryption options.

Do you need a deeper leadership bench? Send your most promising leaders to our InformationWeek Leadership Summit, Sept. 30 in New York City, for a day of peer learning and strategic speakers.

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll