In your system there is often no way to prove which of the double-spends were first, so they both are invalid.
If we can provide deterministic way to order double-spends then we can include both and ignore the younger one. It's not related to Iota though, just an idea.
Anyhow, for that to happen, both double-spending tx's need to be broadcast more or less at the same time. Doesn't sound as a good idea for the attacker...