Biometric technology was once the purview of security, with face recognition technology and fingerprint scans used for identification and law enforcement. This is no longer the case with biometrics increasingly used for commercial and civil applications. Due to the widespread diffusion of biometrics, it is important to address the ethical issues inherent with the development and deployment of the technology. This paper reviews research on biometrics for both security and non- security purposes (the latter of which is limited but expanding alongside the associated technologies) highlighting the changing nature of biometric applications. These changes have also lead to corresponding changes in the ethical issues and debates surrounding the technology. These debates are discussed, giving attention to the legal frameworks underpinning biometrics and the human rights and civil liberties that must be accounted for in their usage. It will be argued that a robust data governance framework can significantly ameliorate many ethical concerns, both social and technical. This paper concludes by pointing to several directions for much needed research on the topic, all of which should be undertaken with a contextual understanding of how the technology is used by organizations and the role individuals play in their relationships with biometrics.