when you say non public api are you just talking about non public url's or socket connections etc? if it's just non public url's then as you say, monitoring the traffic would reveal what they are. reverse engineering for the purpose of interoperability is legal and legit under u.s. law.

it's time to use the same api(url's) as the iphone app surely !!

i might have a go at monitoring/grabbing the url's used in the official symbian app