When does the APP allow the collection of solicited personal information?

The correct answer is that the Australian Privacy Principles (APP) allow the collection of solicited personal information specifically when an APP entity has directly solicited it from the individual. This means that the individual has been approached or engaged by the entity to provide their personal information for a specific purpose.

Solicited personal information refers to data that a person is asked to provide, typically in the context of a transaction or service where it is clear why the information is needed. The collection of such information must align with the purpose for which it was requested, ensuring transparency and trust in the interaction between the APP entity and the individual.

In contrast, the other options present scenarios that do not fully address the guidelines established by the APP. While sensitive information does have specific regulations regarding its collection, this limitation does not apply to all solicited information. Consent is an important component of data collection, but it applies more broadly to various types of personal information, not just solicited data, making it less specific than the correct answer. The necessity for business transactions may imply a reason for collecting data but does not inherently require solicitation, thus not adhering strictly to the conditions outlined in the APP.