Western Digital external drives such as the WDBAAF0020HBK My Book Essential USB have hardware-based AES data encryption. Surprisingly, though, the content stored on this WD My Book is encrypted even when no password has been assigned. If the USB-to-SATA converter fails, the cipher keys are lost, and the data cannot be recovered even though the storage itself is fine. Considering that failure of the USB-to-SATA encryption chip is likely more probable than the drive getting into the wrong hands, the continuous protection likely does more harm than good.
Why did the designers implement the encryption this way? The reasoning behind the decision is the speed of changing a password. Under a policy of “no password = no encryption”, once the password is set or changed, the big disk needs to be re-encrypted, which takes some hours. And that is before we start looking into more complex issues, such as multiple consecutive power failures during re-encryption. Exactly the same applies to password removal.
So the engineers went for the quicker method. The master key used for encryption is generated when the drive is built and is stored in the controller memory. All the data on the drive is encrypted with this master key, all the time, regardless of whether the user sets a password. Once the user assigns a password, the master key is encrypted with the password. Because the data on the drive is encrypted from the start, it cannot be decrypted without the master key, and the master key is not accessible unless you can produce the correct password. With this configuration, if the encryption module goes bad, recovery of the external hard drive is not possible.
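The key-wrapping scheme described above, modelled as an added example (not Western Digital's firmware or code from the original page). The `Bridge` class, the PBKDF2 key derivation, the integrity tag and the HMAC-based keystream standing in for the chip's AES are all assumptions made for illustration.

```python
import hashlib, hmac, os

def keystream_xor(key: bytes, sector: int, data: bytes) -> bytes:
    """Stand-in for the chip's AES: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hmac.new(key, f"{sector}:{block}".encode(), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

class Bridge:
    """Hypothetical model of the USB-to-SATA chip; it holds the only copy of the key."""
    def __init__(self):
        self.master_key = os.urandom(32)   # generated when the drive is built
        self.wrapped = None                # (salt, tag, blob) once a password is set

    def _kek(self, password: str, salt: bytes) -> bytes:
        # Assumed derivation of a key-encryption key from the password
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def set_password(self, password: str) -> None:
        salt = os.urandom(16)
        kek = self._kek(password, salt)
        blob = keystream_xor(kek, 0, self.master_key)   # wrap the key, not the disk
        tag = hmac.new(kek, blob, hashlib.sha256).digest()
        self.wrapped, self.master_key = (salt, tag, blob), None  # chip is now locked

    def unlock(self, password: str) -> bool:
        salt, tag, blob = self.wrapped
        kek = self._kek(password, salt)
        if not hmac.compare_digest(tag, hmac.new(kek, blob, hashlib.sha256).digest()):
            return False                   # wrong password: master key stays sealed
        self.master_key = keystream_xor(kek, 0, blob)
        return True

    def write(self, disk: dict, sector: int, data: bytes) -> None:
        disk[sector] = keystream_xor(self.master_key, sector, data)
    def read(self, disk: dict, sector: int) -> bytes:
        return keystream_xor(self.master_key, sector, disk[sector])

def demo() -> dict:
    disk, chip, plain = {}, Bridge(), b"constructed sample sector data"
    chip.write(disk, 7, plain)             # no password set, still encrypted
    before = dict(disk)
    chip.set_password("old-pass")          # instant: only the key blob changes
    return {"ciphertext_on_disk": disk[7] != plain,
            "disk_untouched": disk == before,
            "wrong_password": chip.unlock("guess"),
            "right_password": chip.unlock("old-pass"),
            "readback": chip.read(disk, 7),
            "replacement_chip": Bridge().read(disk, 7) == plain}
```

`demo()` shows the trade-off in one run: setting the password leaves every sector untouched, while a replacement bridge with a fresh master key cannot read the same platters.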