So there is a serious ethical dilemma here that you need to consider.
If this perceived activity is illegal in your jurisdiction, then you should report it to the authorities -- starting with HR or someone at a high enough level within the company. This can be bad for you professionally, so you should be completely certain your are correct that he is spying on you without cause before you do anything. I am not a lawyer and this IS NOT LEGAL ADVICE; if any if this is unclear you should stop discussing it on the Internet and seek qualified legal counsel in your jurisdiction.
Is it your job to investigate his possible breach of company policy and criminal law? If not, anything you do could be construed as unlawful use of a computer (criminal activity in many places). That may not be precisely true, but if it goes to court in front of a jury that is how they may see it and you could be hung out to dry.
If you do not already have the technical acumen to KNOW how to determine if you are being monitored, then asking on the Internet for help figuring out how is very likely to end up getting you into (more?) trouble.