So as long as I send a target an email and they don't respond back that they refuse then I can do anything to them that was in that email - same level of "authorised". They probably looked at an email longer if it was actually opened.