It is notoriously challenging to audit the potential unauthorized data usage in deep learning (DL) model development lifecycle, i.e., to \emph{judge whether certain private user data has been used to train or fine-tune a deep learning model without authorization}. Yet, such data usage auditing is crucial to respond to the urgent requirements of trustworthy Artificial Intelligence (AI) such as data transparency, which are promoted and enforced in recent AI regulation rules or acts like General Data Protection Regulation (GDPR) and EU AI Act. In this work, we propose \tool, a simple and flexible \emph{te}sting framework for auditing \emph{da}ta usage in DL model development process. Given a set of user’s private data to protect ($D_p$), the intuition of \tool is to apply \emph{membership inference attack\footnote{Membership inference attack is a well-known privacy attack to infer whether a data record has been used in the training dataset of a machine learning model \cite{shokri2017membership}.}} (with good intention) for judging whether the model to audit ($M_a$) is likely to be trained with $D_p$. Notably, to significantly expose the usage under membership inference, \tool applies imperceptible perturbation directed by boundary search to generate a carefully crafted test suite $D_t$ (which we call `isotope’) based on $D_p$. With the test suite, \tool then adopts membership inference combined with hypothesis testing to decide whether a user’s private data has been used to train $M_a$ with statistical guarantee. We evaluated \tool through extensive experiments on ranging data volumes across various model architectures for data-sensitive face recognition tasks. \tool demonstrates high feasibility, effectiveness and robustness under various adaptive strategies (e.g., pruning and distillation). \tool is publicly available at: https://anonymous.4open.science/r/Face_iso-54FE.