Check if Android filesystem is encrypted

Just to clarify CommonsWare's answer, you can read the device encryption status without any Android permissions.

/**
 * Returns the encryption status of the device. Prior to Honeycomb, whole device encryption was
 * not supported by Android, and this method returns ENCRYPTION_STATUS_UNSUPPORTED.
 *
 * @return One of the following constants from DevicePolicyManager:
 * ENCRYPTION_STATUS_UNSUPPORTED, ENCRYPTION_STATUS_INACTIVE,
 * ENCRYPTION_STATUS_ACTIVATING, ENCRYPTION_STATUS_ACTIVE,
 * ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY, ENCRYPTION_STATUS_ACTIVE_PER_USER.
 */
@TargetApi(11)
private static int getDeviceEncryptionStatus(Context context)
{
    int status = DevicePolicyManager.ENCRYPTION_STATUS_UNSUPPORTED;

    if (Build.VERSION.SDK_INT >= 11) {
        final DevicePolicyManager dpm =
                (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
        if (dpm != null) {
            status = dpm.getStorageEncryptionStatus();
        }
    }

    return status;
}

See the documentation for DevicePolicyManager and the encryption status flags.

It's also worth mentioning that Android has moved from full-disk encryption to file-based encryption to support Direct Boot, among other things. See File Based Encryption.

If your app is registered as a device admin, you can call getStorageEncryptionStatus() on DevicePolicyManager to find out the encryption status of the device, for API Level 11 and higher.

For any whole-device encryption on lower API levels, please contact the device manufacturer.

to clarify previous answers on API < 23 getStorageEncryptionStatus() returns ENCRYPTION_STATUS_INACTIVE when device is encrypted but passcode was't enabled.

On API >= 23 it returns ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY in this case.