As the use and deployment of biometrics becomes more widespread throughout the world, so do the privacy and security risks associated with the growing collection, use, disclosure and retention of biometric data. At stake is public trust, or the lack thereof, in biometric systems and the organizations involved. Unlike passwords, biometric data are unique, irrevocable, and variable. Biometric Encryption (BE) is highlighted as a prominent example of Privacy by Design, where privacy is embedded as a core functionality in the biometric system. BE binds a digital key to (or extracts the key from) the biometric. Earlier technical challenges to this new technology, as well as recent advances, are presented. Lastly, an overview is provided of an application using facial recognition in a watch list scenario, known to be the first and largest successful deployment of BE using facial recognition, in a casino context.