For a few years now Android has been encrypting storage. Not the SD card, and maybe not even the internal storage (which on android land means your files that you can access with a file manager without root) but I’m not sure about that part. The app’s main data is surely encrypted though, when the security menu in the settings says so.

But, there’s a loophole. Or two.
The parent commenter said, actual encryption can’t be broken without keys.
First, the keys are in the black box TPM of the phone.
Second, how do you verify that the phone uses an effective and unmodified encryption algorithm, and also that keys are never leaked anywhere?
And now consider that popular brands have been bundling malware for years, some of which cannot really be uninstalled either.

Isn’t it an open secret that powerful entities (like spying institutions) can get into pretty much every system if they have physical access? Why is this not plausible

You stated in your original comment: “pretty much every system”. So no, any modern phone if android or iOS is by default encrypted.

If the key for the encryption is on the device, and either stored in an unencrypted TPM or unencrypted storage, its not a matter if breaking the encryption (quite impossible) but breaking the software/hardware (quite possible for someone with good enough forensics and skilled programmers)

TPMs are by design encrypted.

Keys are not stored unencrypted at least not when you encrypt your storage with modern solutions and set it up reasonably. You use either your TPM to store the key or store it on the drive and have it encrypted by itself or use a KDF.

Also also: encryption only helps if the device is off, which is seldom the case with phones.

No this assumption is wrong. You still would need to circumvent the Login into the device which is mostly secured by a pin or password or biometrics.