"Corellium, a security research firm sued by Apple, has won a major legal victory against the iPhone maker.

In a ruling that has wide-reaching implications for iPhone security research and copyright law, a federal judge in Florida threw out Apple’s claims that Corellium had violated copyright law with its software, which helps security researchers find bugs and security holes on Apple’s products.

Corellium, co-founded in 2017 by husband and wife Amanda Gorton and Chris Wade, was a breakthrough in security research because it gave its customers the ability to run “virtual” iPhones on desktop computers. Rather than using physical iPhones to poke and prod iOS, Apple’s mobile operating system, Corellium streamlined the process.

The judge in the case ruled that Corellium’s creation of virtual iPhones was not a copyright violation, in part because it was designed to help improve the security for all iPhone users. Corellium wasn’t creating a competing product for consumers. Rather, it was a research tool for a comparatively small number of customers.

“We believe the Court issued a well-reasoned order in this regard and made proper findings in connection with fair use,” said Justin Levine, Corellium’s lead attorney at the law firm Cole, Scott and Kissane.

Apple did not immediately respond to a request for comment. In the lawsuit, Apple argued that Corellium’s products could be dangerous if they fall into the wrong hands because security flaws discovered by Corellium could be used to hack iPhones. Apple also argued that Corellium sells its product indiscriminately, a claim Corellium denied.

Judge Rodney Smith called Apple’s argument on those claims “Puzzling, if not disingenuous.” Smith found that Corellium used a vetting process before selling its products to customers.

Companies such as Apple have typically prevailed in similar copyright cases in the past, and the ruling came as a surprise to some attorneys.

Still, over the past year tech giants have been facing tougher scrutiny as regulators and lawmakers probe the industry’s behavior. The chief executives of Google, Facebook, Apple and Amazon have faced questions about anticompetitive behavior before Congress, and Google and Facebook have faced charges by regulators and states on those grounds.

Apple, in its defense, has said that user security and privacy are its paramount concerns.

Many in the security community praised the Florida judge’s decision.

“This is a major victory for security researchers looking to make Apple devices more safe for the world,” said Will Strafach, a security researcher. “This is a very positive signal demonstrating that it may not be so easy for Apple to try to bully those who do things that Apple does not approve of.”

Apple initially attempted to acquire Corellium in 2018, according to court records. When the acquisition talks stalled, Apple sued Corellium last year, claiming its virtual iPhones, which contain only the bare-bones functions necessary for security research, constitute a violation of copyright law. Apple also alleged Corellium circumvented Apple’s security measures to create the software, thereby violating the Digital Millennium Copyright Act. That claim has not been thrown out.

“Weighing all the necessary factors, the Court finds that Corellium has met its burden of establishing fair use,” Smith wrote in Tuesday’s order. “Thus, its use of iOS in connection with the Corellium Product is permissible.”