Nearly three out of four Android smartphones or tablets can be remotely instructed by Google to wipe themselves clean, according to the Manhattan District Attorney’s Office.
In a report on smartphone encryption and public safety published this month, the district attorney’s office said that Google can remotely reset about 74 percent of Android devices. Specific devices that are easily managed this way include those that run Android 4.4 KitKat or earlier versions of Android, are not encrypted and are not secured with either a password or PIN. Although Google isn't likely to reset devices for random reasons, some people worry that Google even can — and will, if the law compels it to.
If your device runs Android 5.0 Lollipop or later, it may be out of Google’s reach. Most Android 5.0 devices have full-disk encryption turned on by default, and the encryption prevents Google from remotely resetting such devices.
Encryption, which the U.N. considers a human right but which some say needs back doors to counter crimes such as terrorism, provides a strong way to protect data by locking the data with an encryption key. No data goes into or out of your Android device’s encrypted disk drive without the right encryption key.
Not all manufacturers enable full-disk encryption on Android 5.0 devices, even if the option is available. For such devices, remote resetting from Google can still occur.
Devices less prone to remote resets run at least Android 6.0 Marshmallow (including the latest Nexus models), which leave the factory with full-disk encryption enabled by default. Neither Google nor other prying eyes ought to be able to access the data on such devices.
In the Android 6.0 Compatibility Definition document updated on Oct. 16, 2015, Google made full-disk encryption mandatory on devices that support it and Advanced Encryption Standard (AES) crypto performance of at least 50 MiB/s. The encryption must be enabled without any further action from the user right after setting up the device.
Full-disk encryption has been around since Android 3.0 Honeycomb. Google has been pushing hard for requiring full-disk encryption on Android devices and nearly succeeded in making it standard when Android 5.0 Lollipop was rolled out.
In contrast, iPhone users running iOS 8 or higher have full-disk encryption enabled by default. Neither Apple nor anyone else can easily bypass a PIN or password used to secure the device.
If you need to encrypt your Android device, you can find the option in either Security or Storage in the Settings menu.
[Image credit: Key with password via Shutterstock]