Apps mainly avoid it because their most privacy invasive features are tied to their functionality and their own servers. They can share with third party server side and mainly do that. Client side stuff is mainly far less important analytics, telemetry, crash reporting, etc. If the app or SDK wants to evade filtering client side, they just need to do their own DNS resolution via DoH using a hard-wired IP whether it's 1.1.1.1 or their own server. Facebook has IP fallbacks in several of their apps.