(MONEY Magazine) – Richard M. Smith wants to make sure the phrase "Internet privacy" doesn't wind up an oxymoron. As chief of technology for the newly created Privacy Foundation, a Denver-based nonprofit group, Smith draws on 31 years of programming experience to uncover and publicize both the real and potential ways companies can track our moves on the Web without our knowledge. And he offers suggestions to firms on how they can become more privacy-friendly. "I like to say that I spy on the spiers," he says.

Over the past two years, Smith has cemented his role as one of the Internet's leading consumer-privacy advocates. He's had a hand in exposing virtually every high-profile online privacy controversy in recent memory, including RealNetworks' monitoring of its users' listening habits as well as the DoubleClick-Abacus Direct merger that threatened to unite DoubleClick's database of online surfing behavior with Abacus' database of mail-order buying habits. Smith also made headlines last year when he discovered that each Microsoft Word document has a unique "stamp" that could, theoretically, allow it to be traced back to the computer on which it was written.

His computing smarts (not to mention his ability to attract media attention to his causes) have earned him a healthy measure of respect from industry giants like Microsoft. "There have been times when he's helped us identify things that perhaps we didn't know were there, and so the company moved to fix something," says Microsoft spokeswoman Tonya Klause.

Until a year and a half ago, Smith ran Phar Lap Software, a company he co-founded in Cambridge, Mass., and followed privacy issues primarily as a hobby. But as corporate invasions of privacy seemed to become more frequent and flagrant, he decided to focus on them full time. He sold Phar Lap and now works out of the large third-floor office of his 110-year-old Victorian-style home, where he lives with his wife, 15-year-old (Napster-loving) daughter and white poodle Adelaide.

What's the next hot privacy topic? In 2001, Smith says, cell phones will begin reporting the physical position of a caller within 100 yards. "With 911 calls, there's a good safety reason for it," he says. "But it has interesting side effects. The marketers say they can offer 'location-based services.'" Companies could ring your cell phone and offer a discount if, within 20 minutes, you buy something at, say, a nearby Gap. Smith calls them "stalker ads." (A consumer test of just such a service did not go over well.)

Smith is also keeping an eye on digital video recorders like TiVo and ReplayTV, as well as other set-top interactive TV boxes such as WebTV. Many operate like supercharged VCRs; instead of using tapes, you can collect, store and play back your favorite shows from their internal hard drives. The problem? Users have to plug the boxes into their home phone lines, making it possible--theoretically, at least--for the devices to report back on customers' viewing habits. "The fact that it's two-way communication is the problem," says Smith. "I want to know what information is going back to TiVo over that wire." Says a TiVo spokesman: "There is the potential, and theoretically the technology, [but] our policy states very clearly that we'll never collect or sell personal information."

To find out about more privacy concerns on the horizon, and for alerts and updates, visit www.privacyfoundation.org or Smith's own site at www.tiac.net/users/smiths. But you might want to check them out at home: Workplace monitoring of Net use and e-mail, says Smith, is yet another area of widespread and underreported abuse.

--SUZANNE WOOLLEY

suzanne_woolley@moneymail.com