Apple sued security start-up Corellium last year, accusing it of violating copyright law for offering researchers access to “virtual” iPhones that can help them find bugs in iOS products. Now, a federal judge in Florida has tossed Apple’s copyright complaint, giving Corellium a major victory in its legal battle against the tech giant. Apple also accused Corellium of violating the Digital Millennium Copyright Act for allegedly bypassing its security measures to create its iPhone emulator. That complaint has yet to be addressed by court.
Corellium’s software allows security experts to run virtual iPhones on a browser on their computer. It gives them deeper access to iOS even without a physical iPhone installed with special software. As The Washington Post notes, in addition to accusing Corellium of infringing on its copyright, Apple also said the company was selling its product indiscriminately, thereby compromising the platform’s security.
Judge Rodney Smith ruled, however, that Apple’s claims are “puzzling, if not disingenuous.” He wrote in his ruling (via TechCrunch): “Weighing all the necessary factors, the Court finds that Corellium has met its burden of establishing fair use. Thus, its use of iOS in connection with the Corellium Product is permissible.” The judge also pointed out that Apple tried to acquire Corellium in 2018 and was able to test its product before their talks fell through. If Apple pushed through with Corellium’s acquisition, the latter’s software would’ve apparently been used for internal testing and validation. The ruling discussed how Corellium vets its customers before selling them the software, as well.
David L. Hecht, Corellium’s co-counsel, told Engadget in a statement:
“We are very pleased with the Court’s ruling on fair use and are proud of the strength and resolve that our clients at Corellium have displayed in this important battle. The Court affirmed the strong balance that fair use provides against the reach of copyright protection into other markets, which is a huge win for the security research industry in particular.”
Apple has long been criticized for making it difficult for researchers to take its mobile platform apart to check for vulnerabilities. Recently, though, it launched the Security Research Device (SRD) Program that sends qualified security experts hacker-friendly iPhones they can use to find bugs in iOS itself and in third-party apps. Apple sent out its first batch of SRD iPhones a few days ago and is expected to accept more applicants into the program in the future.