An appeals court has ruled that fair use doctrine protects a security researcher’s iPhone virtualization software — but two parts of the earlier verdict have been sent back to the originating court.
The US Court of Appeals for the Eleventh Circuit ruled on Monday that Corellium’s CORSEC simulator is covered by the fair use doctrine of copyright law, which permits the replication of copyrighted material in certain situations. The appeals court’s assessment covered three aspects of the lower court’s rulings.
- Direct infringement of iOS
- Direct infringement of Apple’s icons and wallpapers
- Contributory infringement
Regarding count one, the appeals court agrees that the fair use doctrine shielded Corellium and was not direct infringement of iOS. Regarding counts two and three, the three-judge panel has remanded them to the district court to independently consider them.
Remanding refers to the process of sending a case back to a lower court for further action. That can happen when an appeals court decides that the lower court made a mistake or did not fully address an issue in the case.
The appeals court may remand a case to the lower court with instructions to take additional evidence, reconsider certain issues, or issue a new ruling consistent with the appeals court’s decision.
Apple versus Corellium
The appeals court said that Corellium’s virtualization software furthers scientific progress by allowing security research into critical operating systems. Also, since it is a functional operating system, iOS is not protected by copyright laws.
They further judged that Corellium took only what was necessary from Apple’s software, and its product does not harm the market for iOS or iOS derivatives, so Apple’s incentive to continue innovating remains strong.
In 2019, Apple sued Corellium, alleging that Corellium’s products violated copyrights for iOS, iTunes, and other technologies owned by Apple. Corellium sells virtualized versions of Apple’s products, such as the iPhone, to developers and security researchers.
These individuals use the tool to identify software bugs, flaws, and other security vulnerabilities. Apple agreed to settle in August 2021 but later filed an appeal.
Apple claimed that Corellium’s software was a complete replication of iOS and was used as an alternative to its security research products. Corellium, on the other hand, argued that its duplication of Apple’s computer code and app icons was solely for security research and was significantly “transformative” according to the fair use standard.
Along with beta testing programs, Apple offers other services to developers and researchers, including an iOS simulator that lets developers create and test apps on a virtual iPhone. It also launched the Security Research Device Program, which provides unique iPhones for researchers to find bugs and exploits.
The court’s ruling upholds the significance of virtualization software for security research purposes, but further proceedings will examine the two other copyright arguments.
This story originally appeared on Appleinsider