Some talkgroups are "strapped secure." That's an industry term that means that the radio system will ONLY pass traffic that is encrypted. You'll never hear any in the clear communications on that talkgroup.
I suspect most talkgroups on Palmetto 800 are set to ALLOW encrypted traffic along with non-encrypted traffic. In this case, the user of the individual radio can choose whether to use encryption, or not, provided that the radio has been properly configured to use encryption. It's typically controlled by a switch on the top of the radio. Turn the switch one way, radio traffic is encrypted, turn the switch the other way, it's not encrypted.
Other radios on that talkgroup that are properly configured with encryption (meaning the radio is licensed to use it and has the proper encryption key loaded) will automatically decode the encrypted traffic. The other radio users on the talkgroup won't know encryption is being used unless they happen to glance at their radio display while the encrypted user is transmitting. It's easy for the switch on one or two radios out of several to be switched into the encrypted position, and others not. Unless the users are specifically mindful of whether encryption is to be used or not, it can be a mixed bag. This is why agencies that specifically choose encryption choose to "strap" a channel as secure - so there won't be any mistakes.
We, as casual listeners, have no way to know if a talkgroup is "strapped secure" or not. Or whether a particular radio is capable of encryption or not. And it's not much fun to listen to a channel that has most of their radios using encryption. As others pointed out, the database is updated to reflect "sometimes encrypted" vs "always encrypted", but those indications are just based on casual monitoring. Mistakes can happen, and sometimes a channel marked big "E" can have a few, or many, non-encrypted users from time to time. Little "e" is used when encrypted and non-encrypted traffic have been noted by casual monitoring.