But if it isn't prevalent (which is likely to remain the case for the near future), and the regional agencies issuing subpoenas are technically pretty clueless (which I think they mostly are), then it will be effective. That's pretty near the best you can do, as long as you need to log IPs in some form for spam prevention.
Incidentally - a slightly more effective solution might be to put the 'did this IP visit recently' function in a secure microprocessor, rate limit it so it can't be bruteforced at more than a modest rate (in case of DDOS you can always temporarily stop using it), and throw away the keys to reprogram it. That really will stop everyone but the NSA, but it's about a million times more difficult and expensive...
Incidentally - a slightly more effective solution might be to put the 'did this IP visit recently' function in a secure microprocessor, rate limit it so it can't be bruteforced at more than a modest rate (in case of DDOS you can always temporarily stop using it), and throw away the keys to reprogram it. That really will stop everyone but the NSA, but it's about a million times more difficult and expensive...