This constraint forces an attacker to focus on the user that actually has the password. From a security perspective, this forces the attacker to shift focus to forcing the user to reveal the secret, as opposed to the company responsible for creating the firmware, in this case Google.
My guess is in the U.S. the 4th and 5th Amendments would prevent the government from forcing you to reveal the secret, so long as you do not rely on biometric security, which has been in some cases ruled as exempt from the same rights as, say, a password. IANAL though, so I really can't elaborate on an explanation of why. I think if anything you're likely to be held on obstruction charges or have your assets frozen in an attempt to apply pressure on someone unwilling to cooperate. In other, perhaps less forgiving locales like North Korea, China, or Russia, I imagine one may end up being the subject of persuasion of a more physical nature.
I've noticed that my Pixel asks me for my PIN for "additional security" every few days. Apparently it asks you for your PIN if you try to unlock your device without having entered your PIN for 3 days [0]. I never realized this was the reason, but it seems like a fairly decent deterrent to law enforcement - I wonder if there's a way to reduce this frequency to a day or so.
A competent law enforcement agency attaches a digital forensics device to extract all the phone’s content as soon as they get their hands on it. They’re probably not going to wait three days.
> This constraint forces an attacker to focus on the user that actually has the password.
The irony is that while the Android development team is doing this, the Google business and cloud services teams are increasingly gathering more data from the Android users, and encouraging them to put as much of their data on Google's servers as possible. And Google can give access to that data because it doesn't use end-to-end or homomorphic encryption.
You'd need a court order to get that data from Google, but not to get the data from a seized phone. That court order might also be challenged by Google.
That applies especially to non-law enforcement actors. Those can't get a court order to force Google to hand over the data.