We describe a new method which promotes ownership of data by people about whom the data was collected. The data owner may preclude the data from being used for some purposes, and allow it to be used for other purposes. We show an approach, based on checking the proofs of program properties, which implements this idea and provides a tool for a verifiable implementation of the Use Limitation Principle. We discuss a scheme which implements data privacy following the proposed approach, present the technical components of the solution, and show an example. We also discuss a mechanism by which the proposed method could be introduced in industrial practice.