The ease with which Apple's rules may be circumvented is situation-specific, e.g. Facebook ran an ad campaign to protest against Apple enforcing privacy rules which (to my not legally trained eye) seem to have already been a legal requirement for app developers in several jurisdictions before Apple made it also a contractual obligation: https://news.law.fordham.edu/jcfl/2021/03/29/the-privacy-war...
So, for Meta, in this specific case, the law was easier to ignore than the developer agreement.
Facebook also uses the iOS Keychain to track you across app installs and deletions, AND even when restoring iCloud backups on a new phone! There's no way to see or delete that data without using Facebook apps, and no way to be sure that the data they show is all the data they've stored on your phone.
Unlike the developer agreement, the law didn't require the consent pop up to have any specific wording, and the wording that Apple requires is far scarier than it should be.
So, for Meta, in this specific case, the law was easier to ignore than the developer agreement.