`
`UNITED STATES DISTRICT COURT
`SOUTHERN DISTRICT OF FLORIDA
`
`Case No. 9:19-cv-81160-RS
`
`
`
`
`
`APPLE INC.,
`
`
`v.
`
`CORELLIUM, LLC,
`
`
`Plaintiff,
`
`Defendant.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`SECOND AMENDED COMPLAINT AND DEMAND FOR JURY TRIAL
`
`1.
`
`Plaintiff Apple Inc. (“Apple”) brings this complaint against Corellium, LLC
`
`(“Corellium”) for copyright infringement in violation of 17 U.S.C. § 501 and unlawful
`
`trafficking of a product used to circumvent security measures in violation of 17 U.S.C. § 1201.
`
`INTRODUCTION
`
`2.
`
`This is a straightforward case of infringement of highly valuable copyrighted
`
`works, along with the trafficking of and profiting from technology that enables such
`
`infringement. Corellium’s business is based entirely on commercializing the illegal replication
`
`of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other
`
`Apple devices. The product Corellium offers is a “virtual” version of Apple mobile hardware
`
`products, accessible to anyone with a web browser. Specifically, Corellium serves up what it
`
`touts as a perfect digital facsimile of a broad range of Apple’s market-leading devices—
`
`recreating with fastidious attention to detail not just the way the operating system and
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 2 of 28
`
`applications appear visually to bona fide purchasers, but also the underlying computer code.
`
`Corellium does so with no license or permission from Apple.
`
`3.
`
`Corellium’s conduct plainly infringes Apple’s copyrights. This is not a case in
`
`which it is questionable or unclear whether the defendant reproduced the rights-owner’s works,
`
`or more subtly, whether particular portions of the works that the defendant took are ultimately
`
`protected by federal copyright law. Instead, Corellium simply copies everything: the code, the
`
`graphical user interface, the icons—all of it, in exacting detail. And that’s not all. Corellium
`
`goes even farther by providing its users with the tools to do the same.
`
`4.
`
`Corellium explicitly markets its product as one that allows the creation of
`
`“virtual” Apple devices. For a million dollars a year, Corellium will even deliver a “private”
`
`installation of its product to any buyer. There is no basis for Corellium to be selling a product
`
`that allows the creation of avowedly perfect replicas of Apple’s devices to anyone willing to pay.
`
`5.
`
`Although Corellium paints itself as providing a research tool for those trying to
`
`discover security vulnerabilities and other flaws in Apple’s software, Corellium’s true goal is
`
`profiting off its blatant infringement. Far from assisting in fixing vulnerabilities, Corellium
`
`encourages its users to sell any discovered information on the open market to the highest bidder.
`
`Indeed, Corellium’s largest customer admits that it has never reported any bugs to Apple.1
`
`6.
`
`Apple strongly supports good-faith security research on its platforms, and has
`
`never pursued legal action against a security researcher. Not only does Apple publicly credit
`
`researchers for reporting vulnerabilities, it has created several programs to facilitate such
`
`research activity so that potential security flaws can be identified and corrected. Apple’s
`
`
`1 Lorenzo Franceschi-Bicchierai, iPhone Emulation Company Sued by Apple Says It’s
`Making iPhones Safer, Motherboard Vice (Oct. 29, 2019), https://www.vice.com/en_us/
`article/8xw7gx/iphone-emulation-company-sued-by-apple-says-its-making-iphones-safer.
`
`2
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 3 of 28
`
`programs include providing as much as $1 million per report through “bug bounty” programs in
`
`accordance with the provisions of those programs. Apple has also announced that it will provide
`
`custom versions of the iPhone to legitimate security researchers to allow them to conduct
`
`research on Apple devices and software. These efforts recognize the critical role that members
`
`of the security research community play in Apple’s efforts to ensure its devices contain the most
`
`secure software and systems available.
`
`7.
`
`The purpose of this lawsuit is not to encumber good-faith security research, but to
`
`bring an end to Corellium’s unlawful commercialization of Apple’s valuable copyrighted works.
`
`Accordingly, Apple respectfully seeks an injunction, along with the other remedies described
`
`below, to stop Corellium’s acts of naked copyright infringement.
`
`THE PARTIES
`
`8.
`
`Apple Inc. is a California corporation with its principal place of business at One
`
`Apple Park Way, Cupertino, California 95014.
`
`9.
`
`On information and belief, Corellium, LLC is a limited liability company
`
`registered in Delaware with its principal place of business at 630 George Bush Blvd., Delray
`
`Beach, Florida 33483.
`
`JURISDICTION AND VENUE
`
`10.
`
`Pursuant to 28 U.S.C. § 1338(a), this Court has subject matter jurisdiction over
`
`Apple’s claims for relief for violations of the federal copyright statute.
`
`11.
`
`This Court has personal jurisdiction over Corellium because it resides, maintains
`
`offices, and conducts business in this State.
`
`12.
`
`Venue in this Court is proper under 28 U.S.C. § 1400(a). Corellium resides in
`
`this District because its principal place of business is located in this District.
`
`3
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 4 of 28
`
`FACTS COMMON TO ALL CLAIMS FOR RELIEF
` Apple’s Copyrighted Works
`
`13.
`
`Apple is a leading designer and manufacturer of mobile communication devices,
`
`personal computers, and media devices. Apple sells a variety of related software, services,
`
`accessories, and third-party digital content and applications. Apple’s products and services
`
`include iPhone®, Mac®, iPad®, Apple Watch®, AirPods®, AppleTV®, Beats® products,
`
`HomePod™, a portfolio of consumer and professional software applications, iOS, iPadOS™,
`
`macOS®, watchOS® and tvOS® operating systems, iCloud®, Apple Pay® and a variety of
`
`accessory, service, and support offerings. Apple sells and delivers digital content through the
`
`iTunes Store®, App Store®, Mac App Store, TV App Store, Book Store and Apple Music®.
`
`Apple has created numerous innovative technologies that have changed the face of the computer
`
`and telecommunications industries.
`
`14.
`
`One such technology is the iOS operating system. iOS comes pre-installed on
`
`Apple mobile devices, including the iPhone, iPad, and iPod Touch. As the operating system for
`
`these mobile devices, iOS is the technological foundation for software “application” programs
`
`(or “apps”) that serve particular functions for end-users—from shopping to playing music and
`
`beyond. Both Apple and third-party programmers write and develop apps that run on iOS.
`
`15.
`
`Apple has periodically created and released new versions of iOS to enhance the
`
`functionality and security of the operating system and the devices it runs. Apple released its
`
`prior major version of iOS, iOS 12, on September 17, 2018, to coincide with its release of the
`
`latest versions of the iPhone—iPhone XS and iPhone XS Max (both of which Apple released on
`
`September 21, 2018), and iPhone XR (which Apple released on October 26, 2018). Apple
`
`released iOS 13 on September 19, 2019.
`
`4
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 5 of 28
`
`16.
`
`In addition to an operating system and certain applications, Apple’s mobile
`
`devices include a number of graphic design elements that Apple has created. These include
`
`background wallpaper images, icons, and other features that make iOS and iTunes visually
`
`attractive to consumers. These visual design elements (referred to here as “graphical user
`
`interface elements,” or, more formally, “GUI Elements”) are critical to the appeal of Apple’s
`
`products, and Apple continually updates them to account for design trends and changing tastes.
`
`17.
`
`Apple owns copyrights in (i) each version of iOS, (ii) each version of iTunes, and
`
`(iii) the GUI Elements, including different versions of graphic icons and preinstalled background
`
`wallpaper images. A list of copyright registrations for the works-in-suit is provided in Exhibit A.
`
`Apple registered all or virtually all of these copyrights with the U.S. Copyright Office either
`
`prior to Corellium’s acts of infringement, or within three months of publication.
`
`18.
`
`Apple has put in place a series of technological protection measures that control
`
`access to and protect Apple’s exclusive rights in its software. These include several measures
`
`that prevent iOS and iTunes from being installed onto non-Apple-manufactured hardware. In
`
`addition, after iOS is installed on an Apple device, iOS includes software restrictions that prevent
`
`unfettered access to the operating system. Among other things, these restrictions prevent a user
`
`from modifying the operating system.
`
`19.
`
`These various technological protection measures both control access to iOS and
`
`iTunes (for example, by requiring that users access the installed version of that software only on
`
`an Apple-manufactured device) and protect Apple’s exclusive rights (for example, by preventing
`
`the creation of unauthorized derivative versions of iOS).
`
`20.
`
`Four other points regarding Apple’s products are relevant to this action. First, in
`
`the course of creating and upgrading its market-leading mobile devices, Apple has spent
`
`5
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 6 of 28
`
`significant resources developing elaborate security measures within iOS in order to protect its
`
`customers’ data, including embedding security features in the hardware, firmware, and software
`
`layers of iOS and the mobile products on which iOS is installed. To this day, Apple continues to
`
`invest significant resources in researching and improving the security measures in its products.
`
`21.
`
`Second, Apple sells a service called the Apple Developer Program for $99 per
`
`year. The Apple Developer Program provides third-party developers with access to a range of
`
`Apple-created software development tools that allow the creation and testing of iOS apps. An
`
`example is TestFlight®, a development tool which allows app developers to publish “beta”
`
`versions of their apps to testers, who can then download and test the app for a limited period of
`
`time.
`
`22.
`
`Third, Apple also distributes a software product called Xcode® that allows app
`
`developers to create and test iOS apps. Among the features of Xcode is one called “Simulator,”
`
`which gives an app developer the ability to test the app on a “virtual” iOS device. In addition,
`
`Xcode makes it possible to test apps on actual physical Apple devices. Although Xcode is
`
`provided without charge, use of the software requires agreement to specific and detailed terms
`
`and conditions of use, including agreement not to use Xcode to “decompile, reverse engineer,
`
`disassemble, attempt to derive the source code of, modify, decrypt, or create derivative works of”
`
`Apple-created software.
`
`23.
`
`Fourth, earlier this year Apple announced the “iOS Security Research Device
`
`Program,” under which Apple will provide custom versions of the iPhone to legitimate security
`
`researchers, to allow them to find and report bugs to Apple.
`
`24.
`
`Through Apple’s massive investments and unparalleled innovation, iOS has
`
`become one of the most widely used and distributed mobile operating system in the world.
`
`6
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 7 of 28
`
`Apple’s mobile products continue to lead the field, with billions of units sold.
`
` Corellium’s Infringing Product
`
`25.
`
`Corellium is “a startup that sells a product that allows users to create virtual
`
`instances of almost any iOS device in the world.”2 Corellium’s product creates exact digital
`
`replicas of Apple’s iOS, iTunes, and GUI Elements (referred to here as the “Corellium Apple
`
`Product”), available via either Corellium’s web-based platform or a privately installed,
`
`Corellium-provided platform.3 Corellium admits that its product will compete with Apple’s iOS
`
`Security Research Device Program.4
`
`26.
`
`The sole function of the Corellium Apple Product is to enable the creation of
`
`“virtual” iOS-operated devices, running unauthorized copies of iOS, on non-Apple hardware.
`
`Images and video of the Corellium Apple Product available online unambiguously demonstrate
`
`Corellium’s blatant copying of Apple’s copyrighted works and establish unequivocally that the
`
`Corellium Apple Product enables its users to circumvent the security protections that Apple has
`
`implemented to protect its copyrighted works and its exclusive rights in those works. For
`
`example, the following images show, on the left, an image of an iPhone X taken from Apple’s
`
`website, and on the right, a “virtual” iPhone X as created within the Corellium Apple Product.
`
`
`2 Lorenzo Franceschi-Bicchierai, The Prototype iPhones That Hackers Use to Research
`Apple’s Most Sensitive Code, Motherboard Vice (Mar. 6, 2019), https://www.vice.com/
`en_us/article/gyakgw/the-prototype-dev-fused-iphones-that-hackers-use-to-research-
`apple-zero-days.
`3 References to the “Corellium Apple Product” refer only to products that create virtual
`versions of iOS-operated devices. This case does not raise claims regarding Corellium-
`created products that are based on other mobile operating systems.
`4 Am. Answer at 8-9.
`
`7
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 8 of 28
`
`27.
`
`Corellium openly admits that its product depends on the copying of Apple’s
`
`content—i.e., Apple’s copyrighted works. For instance, in January 2018, Corellium published a
`
`post on its official Twitter account announcing the Corellium Apple Product, noting that the
`
`product “enables us to run virtual iPhones in the cloud,” and features the ability to “[r]un any
`
`version of iOS” and the “[o]ptional jailbreak of any version” of iOS.
`
`
`
`8
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 9 of 28
`
`
`In August 2019, Corellium specifically emphasized, at the international
`
`28.
`
`cybersecurity Black Hat USA Conference, that the Corellium Apple Product is an exact copy of
`
`Apple’s copyrighted works, designed specifically to allow researchers and hackers to research
`
`and test their vulnerabilities, by “run[ing] real iOS – with real bugs that have real exploits.” In
`
`other words, the Corellium Apple Product is designed to find and exploit flaws in iOS. And
`
`Corellium’s Apple Product does so by, among other things, enabling its users to circumvent the
`
`technological protection measures that are designed to limit where and how Apple’s copyrighted
`
`works can be used.
`
`9
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 10 of 28
`
`
`Corellium acts quickly to copy new versions of Apple’s copyrighted works
`
`29.
`
`immediately after they are released. On September 27, 2018, within days of the announcement
`
`of Apple’s newest iPhone models (iPhone XR, iPhone XS, and iPhone XS Max), Corellium
`
`posted on its official Twitter account that the Corellium Apple Product supported those new
`
`devices with the newest version of the iOS operating system.
`
`
`
`10
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 11 of 28
`
`30.
`
`Other images available online show the ease with which Corellium’s customers
`
`can create new “virtual” iOS devices using the Corellium Apple Product. The following series
`
`of images show the steps a user would take in the Corellium Apple Product to create a new
`
`virtual iPhone X, with a fully functioning copy of iOS 12:
`
`A. The Corellium Apple Product allows a user to pick a specific type of device to
`
`create a virtual version of. The image below provides the option to copy an iPhone 7 Plus,
`
`iPhone 8, iPhone 8 Plus, or iPhone X.
`
`
`
`B. Next, the user selects a version of iOS to install on the virtual device.
`
`11
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 12 of 28
`
`As Corellium acknowledges, the Corellium Apple Product then downloads a copy of the
`
`appropriate version of iOS from Apple’s servers, installs it on Corellium’s own hardware, and
`
`makes it available to the user through Corellium’s virtual environment. In doing so, Corellium’s
`
`product circumvents the security measures that are in place that prevent iOS from being installed
`
`and executed on hardware other than Apple-authorized hardware.
`
`C. The Corellium Apple Product can then display to users, via Corellium’s web-based
`
`platform or on a privately installed, Corellium-provided platform a functioning, virtual iPhone
`
`that looks identical to an actual iPhone.
`
`
`31.
`
`Once a user has created a “virtual” iPhone, the Corellium Apple Product allows a
`
`user to make multiple copies of that virtual device, and thus multiple copies of the version of iOS
`
`installed thereon. As a result, on information and belief, Corellium’s servers are hosting
`
`numerous copies of iOS.
`
`12
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 13 of 28
`
`32.
`
`On information and belief, the “virtual” iOS devices created by Corellium include
`
`fully functioning versions of iOS and iTunes.
`
`33.
`
`The Apple Corellium Product also provides users with the ability to “jailbreak”
`
`virtual iOS devices. Jailbreaking refers to the act of modifying iOS to circumvent the software
`
`restrictions that prevent unfettered access to the operating system. Corellium openly markets the
`
`ability of its technology to “jailbreak . . . any version” of iOS. Corellium provides its
`
`jailbreaking technology to all its customers, regardless of their purpose.
`
`34.
`
`In its Answer, Corellium attempts to paint itself as nobly purposed, enabling
`
`companies to identify iOS bugs for the beneficial purpose of improving the product and
`
`protecting users. In fact, far from being a product whose uses are limited to some salutary
`
`purpose, Corellium’s knock-offs, according to a February 2018 Forbes article, allow customers
`
`to try “whatever they want,” without regard to whether such activities are benign or malicious,
`
`on a virtual version of Apple’s devices.5 That article was evidently based on interviews with
`
`Corellium’s founders, Amanda Gorton, Chris Wade, and David Wang, as well as demonstrations
`
`of the Corellium Apple Product.
`
`35.
`
`According to the Forbes article, Ms. Gorton demonstrated that a “virtual” iPhone
`
`6—that is, a full reproduction of Apple’s iOS, iTunes, and GUI Elements—could be created “in
`
`a matter of minutes” using the Corellium Apple Product. The Forbes article also noted that the
`
`product can make virtual copies of “almost all iOS devices currently on the market.”
`
`36.
`
`Corellium’s own public statements bely their assertions that their infringing
`
`products are sold solely or even primarily for salutary purposes. In July 2018, Mr. Wade posted
`
`
`5 Thomas Brewster, This Super Stealth Startup Built An Apple Hacker’s Paradise, Forbes
`(Feb. 15, 2018), https://www.forbes.com/sites/thomasbrewster/2018/02/15/corellium-
`virtual-apple-iphones-for-hacking/#343d11b94a3b.
`
`13
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 14 of 28
`
`on his Twitter account that the Corellium Apple Product would be available for use at two
`
`training courses held at the Black Hat USA Conference in August 2018: one titled “Offensive
`
`Mobile Exploitation & Reversing,” and the other, “The Mobile Application Hacker’s Handbook:
`
`Live Edition.” Mr. Wade’s tweet was retweeted by Corellium’s official Twitter account.
`
`
`
`37.
`
`In September 2018, Mr. Wade appeared on a podcast called “Risky Business” that
`
`described the Corellium Apple Product as being marketed to the developers of software
`
`“exploits”—that is, developers of code intended to exploit flaws in a third-party digital product.
`
`During the podcast, Mr. Wade observed that, if anyone is able to develop a particular type of
`
`exploit of iOS 12, “they might want to keep it to themselves, because it will be worth a lot of
`
`money to a lot of people.”
`
`38.
`
`On information and belief, the very next month, at the Tencent Security
`
`Conference, Mr. Wade stated that, for $1 million per year, entities will be able to license private
`
`installations of the Corellium Apple Product. This entails installing a full version of the
`
`Corellium Apple Product on a customer’s premises, rather than simply giving the customer
`
`access to Corellium’s own cloud-based product. Such private installations of the Corellium
`
`Apple Product copy, modify, and display Apple’s copyrighted works and allow users to do the
`
`same. The Corellium Apple Product also gives users the ability to circumvent the security
`
`14
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 15 of 28
`
`measures that are designed to prevent access to and use of Apple’s copyrighted works via non-
`
`Apple hardware (such as Corellium’s on-premises hardware).
`
`39.
`
`On January 22, 2019, Corellium took its public communications about its
`
`flagrantly illegal activities even further, announcing on its official Twitter account that it was
`
`offering “on-site solutions” as an alternative to purchasing “jailbroken iPhones on eBay.” This
`
`represents an open acknowledgement of exactly what Corellium’s Apple Product is—a product
`
`that was designed, produced, and is now being marketed for the primary (and, in fact, exclusive)
`
`purpose of circumventing a technological measure that effectively controls access to Apple’s
`
`copyrighted works.
`
`
`On April 1, 2019, Corellium again highlighted the unlawful ends to which its
`
`40.
`
`product is aimed by publicly acknowledging that it had given access to its platform to the
`
`developers of code used to jailbreak iOS devices called “unc0ver,” so the developers could test
`
`the jailbreaking code “on any device running any firmware” and distribute that code to the
`
`public. Within weeks, those developers released a new version of unc0ver that allowed
`
`jailbreaking of iOS 12.6 In other words, Corellium has admitted not only that its product is
`
`designed to circumvent technological protection measures Apple puts in place to prevent access
`
`
`6 Github, v3.0.0 Release, posted by pwn20wndstuff, https://github.com/pwn20wndstuff/
`Undecimus/releases (April 19, 2019).
`
`15
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 16 of 28
`
`to and infringement of its copyrighted works in iOS, but that it has aided and abetted the creation
`
`and trafficking of other software that is also designed to circumvent those same technological
`
`measures.
`
`
`Corellium contends in its Answer that “Corellium and its founders do business
`
`41.
`
`with those working in software security to protect end users.”7 On information and belief,
`
`Corellium actually makes no effort whatsoever to confine use of its product to good-faith
`
`research and testing of iOS. Nor does Corellium require its users to disclose any software bugs
`
`they find to Apple, so that Apple may correct them.
`
`42.
`
`For example, the Forbes article, and a separate article in Motherboard from the
`
`same month, both described a company called Azimuth Security as Corellium’s “first customer,”
`
`a fact Corellium acknowledges. The Motherboard article reported that Azimuth sells a range of
`
`tools that exploit flaws in software. Azimuth’s customers reportedly include foreign
`
`governments, including foreign intelligence agencies.8 And when a reporter recently asked
`
`
`7 Am. Answer at 10.
`8 Joseph Cox and Lorenzo Franceschi-Bicchierai, How A Tiny Startup Became The Most
`Important Hacking Shop You’ve Never Heard Of, Motherboard Vice (Feb. 7, 2018),
`
`16
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 17 of 28
`
`Azimuth’s founder Mark Dowd, whether Azimuth had ever reported a bug found using
`
`Corellium to Apple, he answered, “no.”9 Contrary to its lofty rhetoric, Corellium in fact sells
`
`Apple’s technology and the ability to circumvent the security measures embedded in that
`
`technology for its own profit, and makes no effort to ensure its customers are engaged solely in
`
`good-faith security research. Instead, Corellium is selling a product for profit, using
`
`unauthorized copies of Apple’s proprietary software, that it avowedly intends to be used for any
`
`purpose, without limitation, including for the sale of software exploits on the open market.10
`
`43.
`
`Corellium’s founders publicly recognize the significant commercial opportunity
`
`embodied by the Corellium Apple Product. For instance, in August 2019, after Apple announced
`
`that it will offer custom devices lacking certain security measures to invited and trusted security
`
`researchers,11 Mr. Wade noted the “serious cloud services revenue” Apple could capture, but
`
`then said “[it] chooses instead to build custom devices for a select few.” This is an open
`
`acknowledgment that a cloud-based product like Corellium’s will compete directly with the
`
`custom devices that Apple plans to distribute to security researchers.
`
`
`https://motherboard.vice.com/en_us/article/8xdayg/iphone-zero-days-inside-azimuth-
`security.
`9 Lorenzo Franceschi-Bicchierai, iPhone Emulation Company Sued by Apple Says It's
`Making iPhones Safer, Motherboard Vice (Oct. 29, 2019), https://www.vice.com/en_us/
`article/8xw7gx/iphone-emulation-company-sued-by-apple-says-its-making-iphones-safer.
`10 In one tweet, Mr. Wade responded to an announcement by a company offering a $2
`million dollar bounty for “remote iOS jailbreaks” by suggesting that users try the
`Corellium Apple Product to find such bugs. @cmwdotme, Twitter (Jan. 7, 2018,
`7:10 AM), https://twitter.com/cmwdotme/status/1082293278840508416.
`11 Andy Greenberg, Apple Gives Hackers A Special iPhone—and A Bigger Bug Bounty,
`Wired (Aug. 8, 2019), https://www.wired.com/story/apple-hacker-iphone-bug-bounty-
`macos/.
`
`17
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 18 of 28
`
`
`Enough is enough. Apple did not and has not licensed or otherwise authorized
`
`44.
`
`Corellium to use Apple’s copyrighted works in the creation of, or as part of, the Corellium Apple
`
`Product, and in no way authorized Corellium’s design, production, and marketing of a tool that
`
`allows users to circumvent technological measures that protect access to and use of Apple’s
`
`copyrighted works.
`
` Corellium’s Acts of Copyright Infringement
`
`45.
`
`Through its Corellium Apple Product, Corellium has engaged in and is engaging
`
`in the following acts of copyright infringement in violation of the Copyright Act, 17 U.S.C.
`
`§ 501:
`
`A.
`
`Corellium has created and is creating and distributing reproductions of, and is
`
`creating derivative works based upon, Apple’s iOS, iTunes, and GUI Elements, each of which are
`
`separate, independent protected works under the Copyright Act. In fact, Corellium has admitted
`
`the Corellium Apple Product makes modifications to iOS that allows it to be installed on, and run
`
`from, Corellium-developed or Corellium-operated hardware.
`
`B.
`
`Corellium has publicly displayed and is publicly displaying Apple’s GUI Elements,
`
`and admits as much.
`
`C.
`
`Corellium has and is continuing to induce, cause, and/or materially contribute to
`
`Corellium users’ own acts of direct copyright infringement of Apple’s copyrights in iOS, iTunes,
`
`18
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 19 of 28
`
`and the GUI Elements. Corellium contributorily infringed and continues to contributorily
`
`infringe Apple’s copyrights by providing its users with access to the Corellium Apple Product,
`
`including by selling private installations of the Corellium Apple Product that allow users to
`
`create virtual Apple devices on hardware that they control. Corellium also induced and
`
`continues to induce acts of direct copyright infringement by promoting and encouraging the use
`
`of the Corellium Apple Product to infringe Apple’s copyrights.
`
`46.
`
`Corellium has no plausible defense to these acts of copyright infringement. On
`
`information and belief, Corellium is indiscriminately marketing the Corellium Apple Product to
`
`any customer, including foreign governments and commercial enterprises. Corellium is not
`
`selectively limiting its customers to only those with some socially beneficial purpose and/or
`
`those who promise to use Apple’s copyrighted works, through the Corellium Apple Product,
`
`only in lawful ways (though it is highly doubtful whether, under the circumstances, such uses
`
`actually exist). Instead, Corellium is simply unleashing Apple’s copyrighted works for the
`
`world-at-large to use, period.
`
`47.
`
`Corellium’s purpose is plainly commercial. The Apple works whose copyrights
`
`Corellium is infringing are exceptionally creative. Corellium is using them wholesale, in full.
`
`And in so doing, it is harming the market for Apple’s copyrighted works in a variety of respects,
`
`including, without limitation, by making certain such works freely available in a manner in
`
`which they are otherwise accessible to developers only through the Apple Developer Program or
`
`by entering into agreements with Apple.
`
` Corellium’s Unlawful Trafficking of a Product Used To Circumvent Security
`Measures
`
`48.
`
`The Copyright Act prohibits trafficking in products that are used to modify iOS
`
`and circumvent technological controls that protect copyrighted works. These “anti-trafficking”
`
`19
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 20 of 28
`
`provisions, 17 U.S.C. § 1201(a)(2) and (b), make it unlawful for any person to “manufacture,
`
`import, offer to the public, provide, or otherwise traffic in any technology, product, service,
`
`device, component, or part thereof” that is primarily designed, produced, or marketed for the
`
`purpose of circumventing technological measures that either effectively control access to a
`
`copyrighted work (section 1201(a)(2)), or that protect the exclusive rights of a copyright owner
`
`(section 1201(b)). The Copyright Act also provides a private right of action for violations of the
`
`anti-trafficking provisions. 17 U.S.C. § 1203(a).
`
`49.
`
`Apple has incorporated security and other technological measures that, in their
`
`ordinary course of operation, require the application of information, or a process or treatment, to
`
`gain access to iOS, iTunes, and the GUI Elements. Apple has also incorporated technological
`
`measures that, in their ordinary course of operation, prevent, restrict, or otherwise limit the
`
`exercise of Apple’s exclusive rights in iOS, iTunes, and the GUI Elements, including but not
`
`limited to the right to copy and create derivative works from those works. These technological
`
`measures, among other things, include encryption, hardware checks, and server checks that
`
`prevent iOS from being installed and executed on non-Apple-authorized hardware, and prevent
`
`unfettered access to the iOS operating system.
`
`50.
`
`Through its Corellium Apple Product, Corellium has engaged in and is engaging
`
`in the following acts in violation of the anti-trafficking provisions of Title 17:
`
`A. Corellium, by offering the Corellium Apple Product for sale or license without
`
`authorization from Apple, is trafficking in technologies, products, or services that are primarily
`
`designed to avoid, bypass, remove, deactivate, or otherwise impair technological measures that
`
`effectively control access to the Apple’s copyrighted works, in violation of 17 U.S.C.
`
`§ 1201(a)(2).
`
`20
`
`
`
`Case 9:19-cv-81160-RS Document 589 Entered on FLSD Docket 07/09/2020 Page 21 of 28
`
`B. Corellium, by offering the Corellium Apple Product for sale or license without
`
`authorization from Apple, is trafficking in technologies, products, or services that are primarily
`
`designed