Despite the obvious importance of privacy concerns in the information age, “privacy” remains a messy concept in the academic literature. Scholars are thus attempting to clarify and systematize the privacy concept. They have proposed two important dimensions of privacy concerns: 1) proportionality, or the adequate, relevant and non-excessive collection of personal data, and 2) secondary usage, or the prohibition of subsequent, unspecified uses of personal information.

This paper takes measure of the proportionality and potential secondary uses of biometric data in the proposed United Kingdom (UK) National Identity Register (NIR). It argues that the UK Identity Cards Act 2006 fails to guard against violations of the principles of proportionality and secondary usage of biometric data.

After reviewing the modern literature on informational privacy protection, I analyze biometrics and their privacy implications. I then discuss these implications in the context of the UK government’s NIR plans. The analysis yields insights into how biometrics on the proposed NIR interplay with purpose specifications, architectural concerns, knowledge asymmetries and public anxieties. I also explore potential secondary uses of the types of biometric data that could be stored in the NIR. Last, a brief note is offered about the possible means of regulating against privacy infringements.