I think you can make an argument that spoofing should be legal (if for no other reason than for how hard it is to enforce). But if you are going to do that, you need to also require uniquely identifying information on the orders in the book as well. This way the market itself can accurately assign a value to the likelihood of being able to actually trade with a counterparty.
If an order comes from an entity with a reputation and history of yanking the order before anyone is able to trade with it, then the other participants in the market can accurately price based on that information.
But the current status quo of letting orders be anonymous and not punishing spoofing regularly provides a real moral hazard for traders that would otherwise prefer to actually trade the volumes they say they want to.
You're absolutely right that there's some risk involved in order-book spoofing, but the intent is the same as the examples I gave. In practice, the spoofers reduce their risk by doing things like placing a tiny order first to see whether it will get executed [1], or layering the book at prices worse than the current best bid / ask. (For the record, I don't think we should be throwing people in prison for this sort of thing.)
If an order comes from an entity with a reputation and history of yanking the order before anyone is able to trade with it, then the other participants in the market can accurately price based on that information.
But the current status quo of letting orders be anonymous and not punishing spoofing regularly provides a real moral hazard for traders that would otherwise prefer to actually trade the volumes they say they want to.