Because you can't change it. Sure - right now, your fingerprint is only stored on the device, and it isn't accessible to the apps on your phone. But change the EULA a few times and suddenly Facebook needs it to authenticate FacePay or some such. Yahoo!, for whatever reason, allows FacePay to authenticate your Yahoo Email and because they're lazy, they port the biometrics, which they store on their server because they're Yahoo and lazy. Then Yahoo gets hacked, because of course Yahoo gets hacked, and now your fingerprint is forever out there. Note that this scenario requires deliberate malice by an external operator and a steady deprecation of personal security, but considering that's essentially what's being discussed in this article, I'd rather avoid the possibility/inevitabilty of it.