Your passcode may be a somewhat effective way to keep regular people from getting into your smartphone, but if you’re using an Android device, there’s a good chance that Google can simply bypass the passcode remotely and unlock your device in the event that it’s legally obligated to do so. Apparently, this only works for the 74.1% of Android devices that are running on older versions of the operating system, as newer versions support full disk encryption that makes it virtually impossible for anyone, including Google, to break into them.
According to a document prepared by the New York District Attorney’s Office, older versions of Android can easily be remotely reset by Google if compelled by a court order, allowing investigators to easily view the contents of a device. The document, which looks at the impact of full disk encryption on access for law enforcement, says that devices running Android 5.0 (and newer) are unable to be remotely reset as they use full disk encryption – it’s not switched on by default for many devices, however. Anything using an older version is vulnerable to remote reset. “Forensic examiners are able to bypass passcodes on some of those devices using a variety of forensic techniques. For some other types of Android devices, Google can reset the passcodes when served with a search warrant and an order instructing them to assist law enforcement to extract data from the device. This process can be done by Google remotely and allows forensic examiners to view the contents of a device.” According to the Android Developer Dashboard, that means that 74.1 percent of devices are still using a version of Android that can be remotely accessed at any time.