Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 1 of 28 UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF FLORIDA Case No. 9:19-cv-81160-RS APPLE INC., Plaintiff, v. CORELLIUM, LLC, Defendant. FIRST AMENDED COMPLAINT AND DEMAND FOR JURY TRIAL 1. Plaintiff Apple Inc. (“Apple”) brings this complaint against Corellium, LLC (“Corellium”) for copyright infringement in violation of 17 U.S.C. § 501 and unlawful trafficking of a product used to circumvent security measures in violation of 17 U.S.C. § 1201. INTRODUCTION 2. This is a straightforward case of infringement of highly valuable copyrighted works, along with the trafficking of and profiting from technology that enables such infringement. Corellium’s business is based entirely on commercializing the illegal replication of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other Apple devices. The product Corellium offers is a “virtual” version of Apple mobile hardware products, accessible to anyone with a web browser. Specifically, Corellium serves up what it touts as a perfect digital facsimile of a broad range of Apple’s market-leading devices— recreating with fastidious attention to detail not just the way the operating system and Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 2 of 28 applications appear visually to bona fide purchasers, but also the underlying computer code. Corellium does so with no license or permission from Apple. 3. Corellium’s conduct plainly infringes Apple’s copyrights. This is not a case in which it is questionable or unclear whether the defendant reproduced the rights-owner’s works, or more subtly, whether particular portions of the works that the defendant took are ultimately protected by federal copyright law. Instead, Corellium simply copies everything: the code, the graphical user interface, the icons—all of it, in exacting detail. And that’s not all. Corellium goes even farther by providing its users with the tools to do the same. 4. Corellium explicitly markets its product as one that allows the creation of “virtual” Apple devices. For a million dollars a year, Corellium will even deliver a “private” installation of its product to any buyer. There is no basis for Corellium to be selling a product that allows the creation of avowedly perfect replicas of Apple’s devices to anyone willing to pay. 5. Although Corellium paints itself as providing a research tool for those trying to discover security vulnerabilities and other flaws in Apple’s software, Corellium’s true goal is profiting off its blatant infringement. Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder. Indeed, Corellium’s largest customer admits that it has never reported any bugs to Apple.1 6. Apple strongly supports good-faith security research on its platforms, and has never pursued legal action against a security researcher. Not only does Apple publicly credit researchers for reporting vulnerabilities, it has created several programs to facilitate such research activity so that potential security flaws can be identified and corrected. Apple’s 1 Lorenzo Franceschi-Bicchierai, iPhone Emulation Company Sued by Apple Says It’s Making iPhones Safer, Motherboard Vice (Oct. 29, 2019), https://www.vice.com/en_us/ article/8xw7gx/iphone-emulation-company-sued-by-apple-says-its-making-iphones-safer. 2 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 3 of 28 programs include providing as much as $1 million per report through “bug bounty” programs in accordance with the provisions of those programs. Apple has also announced that it will provide custom versions of the iPhone to legitimate security researchers to allow them to conduct research on Apple devices and software. These efforts recognize the critical role that members of the security research community play in Apple’s efforts to ensure its devices contain the most secure software and systems available. 7. The purpose of this lawsuit is not to encumber good-faith security research, but to bring an end to Corellium’s unlawful commercialization of Apple’s valuable copyrighted works. Accordingly, Apple respectfully seeks an injunction, along with the other remedies described below, to stop Corellium’s acts of naked copyright infringement. THE PARTIES 8. Apple Inc. is a California corporation with its principal place of business at One Apple Park Way, Cupertino, California 95014. 9. On information and belief, Corellium, LLC is a limited liability company registered in Delaware with its principal place of business at 630 George Bush Blvd., Delray Beach, Florida 33483. JURISDICTION AND VENUE 10. Pursuant to 28 U.S.C. § 1338(a), this Court has subject matter jurisdiction over Apple’s claims for relief for violations of the federal copyright statute. 11. This Court has personal jurisdiction over Corellium because it resides, maintains offices, and conducts business in this State. 12. Venue in this Court is proper under 28 U.S.C. § 1400(a). Corellium resides in this District because its principal place of business is located in this District. 3 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 4 of 28 FACTS COMMON TO ALL CLAIMS FOR RELIEF Apple’s Copyrighted Works 13. Apple is a leading designer and manufacturer of mobile communication devices, personal computers, and media devices. Apple sells a variety of related software, services, accessories, and third-party digital content and applications. Apple’s products and services include iPhone®, Mac®, iPad®, Apple Watch®, AirPods®, AppleTV®, Beats® products, HomePod™, a portfolio of consumer and professional software applications, iOS, iPadOS™, macOS®, watchOS® and tvOS® operating systems, iCloud®, Apple Pay® and a variety of accessory, service, and support offerings. Apple sells and delivers digital content through the iTunes Store®, App Store®, Mac App Store, TV App Store, Book Store and Apple Music®. Apple has created numerous innovative technologies that have changed the face of the computer and telecommunications industries. 14. One such technology is the iOS operating system. iOS comes pre-installed on Apple mobile devices, including the iPhone, iPad, and iPod Touch. As the operating system for these mobile devices, iOS is the technological foundation for software “application” programs (or “apps”) that serve particular functions for end-users—from shopping to playing music and beyond. Both Apple and third-party programmers write and develop apps that run on iOS. 15. Apple has periodically created and released new versions of iOS to enhance the functionality and security of the operating system and the devices it runs. Apple released its prior major version of iOS, iOS 12, on September 17, 2018, to coincide with its release of the latest versions of the iPhone—iPhone XS and iPhone XS Max (both of which Apple released on September 21, 2018), and iPhone XR (which Apple released on October 26, 2018). Apple released iOS 13 on September 19, 2019. 4 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 5 of 28 16. In addition to an operating system and certain applications, Apple’s mobile devices include a number of graphic design elements that Apple has created. These include background wallpaper images, icons, and other features that make iOS and iTunes visually attractive to consumers. These visual design elements (referred to here as “graphical user interface elements,” or, more formally, “GUI Elements”) are critical to the appeal of Apple’s products, and Apple continually updates them to account for design trends and changing tastes. 17. Apple owns copyrights in (i) each version of iOS, (ii) each version of iTunes, and (iii) the GUI Elements, including different versions of graphic icons and preinstalled background wallpaper images. A list of copyright registrations for the works-in-suit is provided in Exhibit A. Apple registered all or virtually all of these copyrights with the U.S. Copyright Office either prior to Corellium’s acts of infringement, or within three months of publication. 18. Apple has put in place a series of technological protection measures that control access to and protect Apple’s exclusive rights in its software. These include several measures that prevent iOS and iTunes from being installed onto non-Apple-manufactured hardware. In addition, after iOS is installed on an Apple device, iOS includes software restrictions that prevent unfettered access to the operating system. Among other things, these restrictions prevent a user from modifying the operating system. 19. These various technological protection measures both control access to iOS and iTunes (for example, by requiring that users access the installed version of that software only on an Apple-manufactured device) and protect Apple’s exclusive rights (for example, by preventing the creation of unauthorized derivative versions of iOS). 20. Four other points regarding Apple’s products are relevant to this action. First, in the course of creating and upgrading its market-leading mobile devices, Apple has spent 5 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 6 of 28 significant resources developing elaborate security measures within iOS in order to protect its customers’ data, including embedding security features in the hardware, firmware, and software layers of iOS and the mobile products on which iOS is installed. To this day, Apple continues to invest significant resources in researching and improving the security measures in its products. 21. Second, Apple sells a service called the Apple Developer Program for $99 per year. The Apple Developer Program provides third-party developers with access to a range of Apple-created software development tools that allow the creation and testing of iOS apps. An example is TestFlight®, a development tool which allows app developers to publish “beta” versions of their apps to testers, who can then download and test the app for a limited period of time. 22. Third, Apple also distributes a software product called Xcode® that allows app developers to create and test iOS apps. Among the features of Xcode is one called “Simulator,” which gives an app developer the ability to test the app on a “virtual” iOS device. In addition, Xcode makes it possible to test apps on actual physical Apple devices. Although Xcode is provided without charge, use of the software requires agreement to specific and detailed terms and conditions of use, including agreement not to use Xcode to “decompile, reverse engineer, disassemble, attempt to derive the source code of, modify, decrypt, or create derivative works of” Apple-created software. 23. Fourth, earlier this year Apple announced the “iOS Security Research Device Program,” under which Apple will provide custom versions of the iPhone to legitimate security researchers, to allow them to find and report bugs to Apple. 24. Through Apple’s massive investments and unparalleled innovation, iOS has become one of the most widely used and distributed mobile operating system in the world. 6 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 7 of 28 Apple’s mobile products continue to lead the field, with billions of units sold. Corellium’s Infringing Product 25. Corellium is “a startup that sells a product that allows users to create virtual instances of almost any iOS device in the world.”2 Corellium’s product creates exact digital replicas of Apple’s iOS, iTunes, and GUI Elements (referred to here as the “Corellium Apple Product”), available via either Corellium’s web-based platform or a privately installed, Corellium-provided platform.3 Corellium admits that its product will compete with Apple’s iOS Security Research Device Program.4 26. The sole function of the Corellium Apple Product is to enable the creation of “virtual” iOS-operated devices, running unauthorized copies of iOS, on non-Apple hardware. Images and video of the Corellium Apple Product available online unambiguously demonstrate Corellium’s blatant copying of Apple’s copyrighted works and establish unequivocally that the Corellium Apple Product enables its users to circumvent the security protections that Apple has implemented to protect its copyrighted works and its exclusive rights in those works. For example, the following images show, on the left, an image of an iPhone X taken from Apple’s website, and on the right, a “virtual” iPhone X as created within the Corellium Apple Product. 2 Lorenzo Franceschi-Bicchierai, The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code, Motherboard Vice (Mar. 6, 2019), https://www.vice.com/ en_us/article/gyakgw/the-prototype-dev-fused-iphones-that-hackers-use-to-researchapple-zero-days. 3 References to the “Corellium Apple Product” refer only to products that create virtual versions of iOS-operated devices. This case does not raise claims regarding Corelliumcreated products that are based on other mobile operating systems. 4 Am. Answer at 8-9. 7 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 8 of 28 I iPhone IPhone 1) 27. orellium openly admits that its product depends on the copying of Apple?s content?i. e. Apple?s copyrighted works. For instance, in January 2018, orellium published a post on its of?cial Twitter account announcing the Corellium Apple Product, noting that the product ?enables us to 11111 Virtual iPhones in the cloud,? and features the ability to ?[r]1m any version of and the ?[o]ptional jailbreak of any version? of Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 9 of 28 28. In August 2019, Corellium specifically emphasized, at the international cybersecurity Black Hat USA Conference, that the Corellium Apple Product is an exact copy of Apple’s copyrighted works, designed specifically to allow researchers and hackers to research and test their vulnerabilities, by “run[ing] real iOS – with real bugs that have real exploits.” In other words, the Corellium Apple Product is designed to find and exploit flaws in iOS. And Corellium’s Apple Product does so by, among other things, enabling its users to circumvent the technological protection measures that are designed to limit where and how Apple’s copyrighted works can be used. 9 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 10 of 28 29. Corellium acts quickly to copy new versions of Apple’s copyrighted works immediately after they are released. On September 27, 2018, within days of the announcement of Apple’s newest iPhone models (iPhone XR, iPhone XS, and iPhone XS Max), Corellium posted on its official Twitter account that the Corellium Apple Product supported those new devices with the newest version of the iOS operating system. 10 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 11 of 28 30. Other images available online show the ease with which Corellium’s customers can create new “virtual” iOS devices using the Corellium Apple Product. The following series of images show the steps a user would take in the Corellium Apple Product to create a new virtual iPhone X, with a fully functioning copy of iOS 12: A. The Corellium Apple Product allows a user to pick a specific type of device to create a virtual version of. The image below provides the option to copy an iPhone 7 Plus, iPhone 8, iPhone 8 Plus, or iPhone X. B. Next, the user selects a version of iOS to install on the virtual device. 11 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 12 of 28 As Corellium acknowledges, the Corellitun Apple Product then downloads a copy of the appropriate version of from Apple?s servers, installs it on orellium?s own hardware, and makes it available to the user through Corellium?s virtual environment. In doing so, orellitun?s product circumvents the security measures that are in place that prevent from being installed and executed on hardware other than Apple-authorized hardware. C. The orellium Apple Product can then display to users, via orellitun?s web-based platform or on a privately installed, orellium-provided platform a virtual iPhone that looks identical to an actual iPhone. CORELLIUM 31. Once a user has created a ?virtual? iPhone, the orellium Apple Product allows a user to make multiple copies of that virtual device, and thus multiple copies of the version of installed thereon. As a result, on information and belief, Corellitun?s servers are hosting numerous copies of 12 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 13 of 28 32. On information and belief, the “virtual” iOS devices created by Corellium include fully functioning versions of iOS and iTunes. 33. The Apple Corellium Product also provides users with the ability to “jailbreak” virtual iOS devices. Jailbreaking refers to the act of modifying iOS to circumvent the software restrictions that prevent unfettered access to the operating system. Corellium openly markets the ability of its technology to “jailbreak . . . any version” of iOS. Corellium provides its jailbreaking technology to all its customers, regardless of their purpose. 34. In its Answer, Corellium attempts to paint itself as nobly purposed, enabling companies to identify iOS bugs for the beneficial purpose of improving the product and protecting users. In fact, far from being a product whose uses are limited to some salutary purpose, Corellium’s knock-offs, according to a February 2018 Forbes article, allow customers to try “whatever they want,” without regard to whether such activities are benign or malicious, on a virtual version of Apple’s devices.5 That article was evidently based on interviews with Corellium’s founders, Amanda Gorton, Chris Wade, and David Wang, as well as demonstrations of the Corellium Apple Product. 35. According to the Forbes article, Ms. Gorton demonstrated that a “virtual” iPhone 6—that is, a full reproduction of Apple’s iOS, iTunes, and GUI Elements—could be created “in a matter of minutes” using the Corellium Apple Product. The Forbes article also noted that the product can make virtual copies of “almost all iOS devices currently on the market.” 36. Corellium’s own public statements bely their assertions that their infringing products are sold solely or even primarily for salutary purposes. In July 2018, Mr. Wade posted 5 Thomas Brewster, This Super Stealth Startup Built An Apple Hacker’s Paradise, Forbes (Feb. 15, 2018), https://www.forbes.com/sites/thomasbrewster/2018/02/15/corelliumvirtual-apple-iphones-for-hacking/#343d11b94a3b. 13 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 14 of 28 on his Twitter account that the Corellium Apple Product would be available for use at two training courses held at the Black Hat USA Conference in August 2018: one titled “Offensive Mobile Exploitation & Reversing,” and the other, “The Mobile Application Hacker’s Handbook: Live Edition.” Mr. Wade’s tweet was retweeted by Corellium’s official Twitter account. 37. In September 2018, Mr. Wade appeared on a podcast called “Risky Business” that described the Corellium Apple Product as being marketed to the developers of software “exploits”—that is, developers of code intended to exploit flaws in a third-party digital product. During the podcast, Mr. Wade observed that, if anyone is able to develop a particular type of exploit of iOS 12, “they might want to keep it to themselves, because it will be worth a lot of money to a lot of people.” 38. On information and belief, the very next month, at the Tencent Security Conference, Mr. Wade stated that, for $1 million per year, entities will be able to license private installations of the Corellium Apple Product. This entails installing a full version of the Corellium Apple Product on a customer’s premises, rather than simply giving the customer access to Corellium’s own cloud-based product. Such private installations of the Corellium Apple Product copy, modify, and display Apple’s copyrighted works and allow users to do the same. The Corellium Apple Product also gives users the ability to circumvent the security 14 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 15 of 28 measures that are designed to prevent access to and use of Apple’s copyrighted works via nonApple hardware (such as Corellium’s on-premises hardware). 39. On January 22, 2019, Corellium took its public communications about its flagrantly illegal activities even further, announcing on its official Twitter account that it was offering “on-site solutions” as an alternative to purchasing “jailbroken iPhones on eBay.” This represents an open acknowledgement of exactly what Corellium’s Apple Product is—a product that was designed, produced, and is now being marketed for the primary (and, in fact, exclusive) purpose of circumventing a technological measure that effectively controls access to Apple’s copyrighted works. 40. On April 1, 2019, Corellium again highlighted the unlawful ends to which its product is aimed by publicly acknowledging that it had given access to its platform to the developers of code used to jailbreak iOS devices called “unc0ver,” so the developers could test the jailbreaking code “on any device running any firmware” and distribute that code to the public. Within weeks, those developers released a new version of unc0ver that allowed jailbreaking of iOS 12.6 In other words, Corellium has admitted not only that its product is designed to circumvent technological protection measures Apple puts in place to prevent access 6 Github, v3.0.0 Release, posted by pwn20wndstuff, https://github.com/pwn20wndstuff/ Undecimus/releases (April 19, 2019). 15 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 16 of 28 to and infringement of its copyrighted works in iOS, but that it has aided and abetted the creation and trafficking of other software that is also designed to circumvent those same technological measures. 41. Corellium contends in its Answer that “Corellium and its founders do business with those working in software security to protect end users.”7 On information and belief, Corellium actually makes no effort whatsoever to confine use of its product to good-faith research and testing of iOS. Nor does Corellium require its users to disclose any software bugs they find to Apple, so that Apple may correct them. 42. For example, the Forbes article, and a separate article in Motherboard from the same month, both described a company called Azimuth Security as Corellium’s “first customer,” a fact Corellium acknowledges. The Motherboard article reported that Azimuth sells a range of tools that exploit flaws in software. Azimuth’s customers reportedly include foreign governments, including foreign intelligence agencies.8 And when a reporter recently asked 7 Am. Answer at 10. 8 Joseph Cox and Lorenzo Franceschi-Bicchierai, How A Tiny Startup Became The Most Important Hacking Shop You’ve Never Heard Of, Motherboard Vice (Feb. 7, 2018), 16 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 17 of 28 Azimuth’s founder Mark Dowd, whether Azimuth had ever reported a bug found using Corellium to Apple, he answered, “no.”9 Contrary to its lofty rhetoric, Corellium in fact sells Apple’s technology and the ability to circumvent the security measures embedded in that technology for its own profit, and makes no effort to ensure its customers are engaged solely in good-faith security research. Instead, Corellium is selling a product for profit, using unauthorized copies of Apple’s proprietary software, that it avowedly intends to be used for any purpose, without limitation, including for the sale of software exploits on the open market.10 43. Corellium’s founders publicly recognize the significant commercial opportunity embodied by the Corellium Apple Product. For instance, in August 2019, after Apple announced that it will offer custom devices lacking certain security measures to invited and trusted security researchers,11 Mr. Wade noted the “serious cloud services revenue” Apple could capture, but then said “[it] chooses instead to build custom devices for a select few.” This is an open acknowledgment that a cloud-based product like Corellium’s will compete directly with the custom devices that Apple plans to distribute to security researchers. https://motherboard.vice.com/en_us/article/8xdayg/iphone-zero-days-inside-azimuthsecurity. 9 Lorenzo Franceschi-Bicchierai, iPhone Emulation Company Sued by Apple Says It's Making iPhones Safer, Motherboard Vice (Oct. 29, 2019), https://www.vice.com/en_us/ article/8xw7gx/iphone-emulation-company-sued-by-apple-says-its-making-iphones-safer. 10 In one tweet, Mr. Wade responded to an announcement by a company offering a $2 million dollar bounty for “remote iOS jailbreaks” by suggesting that users try the Corellium Apple Product to find such bugs. @cmwdotme, Twitter (Jan. 7, 2018, 7:10 AM), https://twitter.com/cmwdotme/status/1082293278840508416. 11 Andy Greenberg, Apple Gives Hackers A Special iPhone—and A Bigger Bug Bounty, Wired (Aug. 8, 2019), https://www.wired.com/story/apple-hacker-iphone-bug-bountymacos/. 17 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 18 of 28 44. Enough is enough. Apple did not and has not licensed or otherwise authorized Corellium to use Apple’s copyrighted works in the creation of, or as part of, the Corellium Apple Product, and in no way authorized Corellium’s design, production, and marketing of a tool that allows users to circumvent technological measures that protect access to and use of Apple’s copyrighted works. Corellium’s Acts of Copyright Infringement 45. Through its Corellium Apple Product, Corellium has engaged in and is engaging in the following acts of copyright infringement in violation of the Copyright Act, 17 U.S.C. § 501: A. Corellium has created and is creating and distributing reproductions of, and is creating derivative works based upon, Apple’s iOS, iTunes, and GUI Elements, each of which are separate, independent protected works under the Copyright Act. In fact, Corellium has admitted the Corellium Apple Product makes modifications to iOS that allows it to be installed on, and run from, Corellium-developed or Corellium-operated hardware. B. Corellium has publicly displayed and is publicly displaying Apple’s GUI Elements, and admits as much. C. Corellium has and is continuing to induce, cause, and/or materially contribute to Corellium users’ own acts of direct copyright infringement of Apple’s copyrights in iOS, iTunes, 18 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 19 of 28 and the GUI Elements. Corellium contributorily infringed and continues to contributorily infringe Apple’s copyrights by providing its users with access to the Corellium Apple Product, including by selling private installations of the Corellium Apple Product that allow users to create virtual Apple devices on hardware that they control. Corellium also induced and continues to induce acts of direct copyright infringement by promoting and encouraging the use of the Corellium Apple Product to infringe Apple’s copyrights. 46. Corellium has no plausible defense to these acts of copyright infringement. On information and belief, Corellium is indiscriminately marketing the Corellium Apple Product to any customer, including foreign governments and commercial enterprises. Corellium is not selectively limiting its customers to only those with some socially beneficial purpose and/or those who promise to use Apple’s copyrighted works, through the Corellium Apple Product, only in lawful ways (though it is highly doubtful whether, under the circumstances, such uses actually exist). Instead, Corellium is simply unleashing Apple’s copyrighted works for the world-at-large to use, period. 47. Corellium’s purpose is plainly commercial. The Apple works whose copyrights Corellium is infringing are exceptionally creative. Corellium is using them wholesale, in full. And in so doing, it is harming the market for Apple’s copyrighted works in a variety of respects, including, without limitation, by making certain such works freely available in a manner in which they are otherwise accessible to developers only through the Apple Developer Program or by entering into agreements with Apple. Corellium’s Unlawful Trafficking of a Product Used To Circumvent Security Measures 48. The Copyright Act prohibits trafficking in products that are used to modify iOS and circumvent technological controls that protect copyrighted works. These “anti-trafficking” 19 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 20 of 28 provisions, 17 U.S.C. § 1201(a)(2) and (b), make it unlawful for any person to “manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof” that is primarily designed, produced, or marketed for the purpose of circumventing technological measures that either effectively control access to a copyrighted work (section 1201(a)(2)), or that protect the exclusive rights of a copyright owner (section 1201(b)). The Copyright Act also provides a private right of action for violations of the anti-trafficking provisions. 17 U.S.C. § 1203(a). 49. Apple has incorporated security and other technological measures that, in their ordinary course of operation, require the application of information, or a process or treatment, to gain access to iOS, iTunes, and the GUI Elements. Apple has also incorporated technological measures that, in their ordinary course of operation, prevent, restrict, or otherwise limit the exercise of Apple’s exclusive rights in iOS, iTunes, and the GUI Elements, including but not limited to the right to copy and create derivative works from those works. These technological measures, among other things, include encryption, hardware checks, and server checks that prevent iOS from being installed and executed on non-Apple-authorized hardware, and prevent unfettered access to the iOS operating system. 50. Through its Corellium Apple Product, Corellium has engaged in and is engaging in the following acts in violation of the anti-trafficking provisions of Title 17: A. Corellium, by offering the Corellium Apple Product for sale or license without authorization from Apple, is trafficking in technologies, products, or services that are primarily designed to avoid, bypass, remove, deactivate, or otherwise impair technological measures that effectively control access to the Apple’s copyrighted works, in violation of 17 U.S.C. § 1201(a)(2). 20 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 21 of 28 B. Corellium, by offering the Corellium Apple Product for sale or license without authorization from Apple, is trafficking in technologies, products, or services that are primarily designed to avoid, bypass, remove, deactivate, or otherwise impair technological measures that effectively protect one or more of Apple’s exclusive rights in its copyrighted works, in violation of 17 U.S.C. § 1201(b). C. Corellium has, in fact, admitted that it has engaged in and is engaging in trafficking in violation of both section 1201(a)(2) and (b), by admitting the following facts: 1. The Corellium Apple Product makes modifications to iOS that allows it to be installed on, and run from, Corellium-developed or Corellium-operated hardware. Such modifications include disabling loadable firmware validation, disabling self-verification of the FIPS module, adding Corellium software to the “trust cache,” and instructing the restore tool not to contact Apple servers for kernel / device tree / firmware signing. 2. The Corellium Apple Product allows users to “jailbreak” or otherwise bypass one or more feature of iOS and iOS devices that are designed to prevent access to the software or other material that could be stored on the iOS device. 3. Corellium gave one or more Persons access to the Corellium Apple Product for the purpose of allowing such Person or Persons to develop software that can be used to “jailbreak” or otherwise bypass one or more feature of iOS and iOS devices that are designed to prevent access to the software or other material that could be stored on the iOS device. FIRST CLAIM FOR RELIEF Direct Federal Copyright Infringement (Computer Programs), 17 U.S.C. § 501 51. Apple realleges and incorporates by reference each of the allegations in preceding paragraphs 1-50 set forth above. 21 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 22 of 28 52. Apple owns, and at all times has owned, valid and enforceable copyrights in all of its computer programs, including each individual version of iOS and iTunes, all of which are creative works of original authorship. 53. Apple holds valid certificates of copyright registration from the U.S. Copyright Office for those computer programs that Corellium has infringed and continues to infringe for which Apple seeks relief in this action at present; the copyright registrations are identified, dated, and numbered in Exhibit A. 54. Corellium does not have authorization, license, or permission from Apple to reproduce, distribute, or create derivative works from any of Apple’s computer programs, whether as part of the Corellium Apple Product or any other similar use. 55. Corellium is not authorized by law to engage in the acts alleged above. 56. Through the acts alleged above, Corellium has violated, and is continuing to violate, Apple’s exclusive rights in its computer programs to reproduce, distribute, and make derivative works from iOS and iTunes, in violation of 17 U.S.C. §§ 106 and 501. 57. On information and belief, when developing, adopting, and marketing its services and the Corellium Apple Product, Corellium was and remains aware that each version of iOS and each version of iTunes are protected by copyright, or acted and is acting in reckless disregard of the possibility that it was infringing and continues to infringe those copyrights. It is clear from Corellium’s marketing materials that Corellium purposefully copied and continues to copy Apple’s copyrighted versions of iOS and iTunes into the Corellium Apple Product. Thus, Corellium’s violations of Apple’s exclusive rights in its computer programs were and continue to be knowing, intentional, and willful. 22 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 23 of 28 SECOND CLAIM FOR RELIEF Direct Federal Copyright Infringement (Graphical User Interface Elements), 17 U.S.C. § 501 58. Apple realleges and incorporates by reference all of the factual allegations set forth in preceding paragraphs 1-50 set forth above. 59. Apple owns, and at all times has owned, valid and enforceable copyrights in the works of visual art embodied in the GUI Elements, including the graphic icons, preinstalled background wallpaper images, and all other aspects of the graphical user interface of iOS and iTunes, all of which are creative works of original authorship. 60. Apple holds valid certificates of copyright registration from the U.S. Copyright Office for those background wallpaper images, icons, and other graphic elements that Corellium has infringed and continues to infringe for which Apple seeks relief in this action at present. The copyright registrations are identified, dated, and numbered in Exhibit A. 61. Corellium does not have authorization, license, or permission from Apple to reproduce, distribute, or publicly display the GUI Elements. 62. Corellium is not authorized by law to engage in the acts alleged above. 63. Through the acts alleged above, Corellium has violated, and is continuing to violate, Apple’s exclusive rights in its works of visual art to reproduce, distribute, and publicly display the GUI Elements in violation of 17 U.S.C. §§ 106 and 501. 64. On information and belief, when developing, adopting, and marketing its services and the Corellium Apple Product, Corellium was and remains aware that the GUI Elements are protected by copyright, or acted and is acting in reckless disregard of the possibility that it is infringing those copyrights. It is clear from Corellium’s marketing materials that Corellium purposefully copied and continues to copy Apple’s works of visual art in the Corellium Apple 23 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 24 of 28 Product. Thus, Corellium’s violations of Apple’s exclusive rights in the GUI Elements were and continue to be knowing, intentional, and willful. THIRD CLAIM FOR RELIEF Contributory Federal Copyright Infringement, 17 U.S.C. § 501 65. Apple realleges and incorporates by reference all of the factual allegations set forth in preceding paragraphs 1-50 set forth above. 66. Apple owns, and at all times has owned, valid and enforceable copyrights in all of its computer programs, including each individual version of iOS and iTunes, and the works of visual art embodied in the GUI Elements, including the graphic icons, preinstalled background wallpaper images, and all other aspects of the graphical user interface of iOS and iTunes. Apple holds valid certificates of copyright registration from the U.S. Copyright Office for all of the works at issue. The copyright registrations are identified, dated, and numbered in Exhibit A. 67. Users of the Corellium Apple Product (including those who purchase and use private installations of the Corellium Apple Product) do not have authorization, license, or permission from Apple to reproduce, distribute, create derivative works from, or publicly display any of Apple’s computer programs or works of visual art. 68. Through the acts alleged above, users of the Corellium Apple Product have engaged in and are engaging in acts of direct copyright infringement by reproducing, distributing, making derivative works from, and publicly displaying Apple’s computer programs and works of visual art. 69. On information and belief, when developing, adopting, and marketing the Corellium Apple Product, Corellium was and remains aware, or willfully blind, that use of that product would result in the infringement of Apple’s copyrights. 24 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 25 of 28 70. Through the acts alleged above, Corellium knowingly induced, caused, and/or materially contributed to, and continues to induce, cause, and/or materially contribute to, the acts of direct infringement by its users, including by distributing and providing access to the Corellium Apple Product with the object of promoting its use to infringe Apple’s copyrights. Accordingly, Corellium is liable for contributory copyright infringement. FOURTH CLAIM FOR RELIEF Unlawful Trafficking, 17 U.S.C. §§ 1201(a)(2), (b), 1203 71. Apple realleges and incorporates by reference all of the factual allegations set forth in preceding paragraphs 1-50 set forth above. 72. Apple owns, and at all times has owned, valid and enforceable copyrights in all of its computer programs, including each individual version of iOS and iTunes, and the works of visual art embodied in the GUI Elements, including the graphic icons, preinstalled background wallpaper images, and all other aspects of the graphical user interface of iOS and iTunes. 73. Apple has implemented technological protection measures that (a) effectively control access to those works, each of which is protected by Title 17, United States Code, and (b) effectively limit the exercise of one or more of Apple’s exclusive rights under Title 17, United States Code. 74. Through the acts alleged above, Corellium has violated, and is continuing to violate, the prohibition on manufacturing, importing, offering to the public, providing, or otherwise trafficking in a technology, product, service, device, component, or part thereof, that is primarily designed or produced for the purpose of circumventing one or more of these Appleimplemented technological measures. 75. Through the acts alleged above, Corellium has violated, and is continuing to violate, the prohibition on manufacturing, importing, offering to the public, providing, or 25 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 26 of 28 otherwise trafficking in a technology, product, service, device, component, or part thereof, that has only limited commercially significant purpose or use other than to circumvent one or more of these Apple-implemented technological measures. 76. Through the acts alleged above, Corellium has violated, and is continuing to violate, the prohibition on manufacturing, importing, offering to the public, providing, or otherwise trafficking in a technology, product, service, device, component, or part thereof, that is marketed by Corellium, or another acting in concert with Corellium with Corellium’s knowledge, for use in circumventing one or more of these Apple-implemented technological measures. 77. Corellium did not have, and does not have, authorization from Apple, and has no authorization under any law, to engage in any of those acts of trafficking, each of which has injured Apple by, among other things, facilitating the copyright infringement of Apple’s software. PRAYER WHEREFORE, Apple prays for the following relief: A. A permanent injunction ordering Corellium, and its officers, directors, members, agents, servants, employees, and attorneys, and all other persons acting in concert or participating with it, who receive actual notice of the injunction order by personal or other service, to do the following: 1. Cease all acts of direct and contributory copyright infringement related to iOS, iTunes, or any GUI Element; 2. Cease all trafficking of the Corellium Apple Product, including but not limited to any marketing, sale, or other distribution of the Corellium Apple Product; 3. Cease all uses of the Corellium Apple Product; 26 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 27 of 28 4. Terminate all third-party access to the Corellium Apple Product; 5. Issue a notification to all past and present customers of the Corellium Apple Product, stating that use of the Corellium Apple Product infringes Apple’s copyrights. B. A permanent injunction that includes all terms necessary to prevent and restrain infringement of Apple’s copyrighted works and trafficking in products that circumvent technological protection measures on those works. 17 U.S.C. §§ 502(a), 1203(b)(1). C. An order directing Corellium to return Apple’s intellectual property, including, without limitation, all copyrighted software and works of visual art that Corellium took from Apple, as set forth in this Complaint. D. An order impounding or destroying all infringing materials pursuant to 17 U.S.C. § 503, and all circumvention devices or products in the custody or control of Corellium pursuant to 17 U.S.C. § 1203(b)(2), (6). E. An order awarding Apple actual damages and lost profits pursuant to 17 U.S.C. §§ 504(b), 1203(b)(3), (c), or in the alternative, statutory damages pursuant to 17 U.S.C. §§ 504(c), 1203(c). F. An order awarding full costs and attorney’s fees. G. An order awarding Apple such other relief as the Court deems appropriate. JURY DEMAND Pursuant to Rule 38 of the Federal Rules of Civil Procedure, Plaintiff hereby demands a trial by jury. 27 Case 9:19-cv-81160-RS Document 56 Entered on FLSD Docket 12/27/2019 Page 28 of 28 Respectfully Submitted, Dated: December 20, 2019 s/ Martin B. Goldberg Kathryn Ruemmler* kathryn.ruemmler@lw.com Sarang Vijay Damle* sy.damle@lw.com Elana Nightingale Dawson* elana.nightingaledawson@lw.com LATHAM & WATKINS LLP 555 Eleventh Street NW, Suite 1000 Washington, DC 20004 (202) 637-2200 / (202) 637-2201 Fax Martin B. Goldberg Florida Bar No. 0827029 mgoldberg@lashgoldberg.com rdiaz@lashgoldberg.com LASH & GOLDBERG LLP 100 Southeast Second Street Miami, FL 33131 (305) 347-4040 / (305) 347-4050 Fax Andrew M. Gass* andrew.gass@lw.com LATHAM & WATKINS LLP 505 Montgomery Street, Suite 2000 San Francisco, CA 94111 (415) 391-0600 / (415) 395-8095 Fax Jessica Stebbins Bina* jessica.stebbinsbina@lw.com LATHAM & WATKINS LLP 10250 Constellation Blvd., Suite 1100 Los Angeles, CA 90067 (424) 653-5500 / (424) 653-5501 Fax *Admitted pro hac vice Attorneys for Plaintiff APPLE INC. 28