Anything that doesn’t rely on IDFA, e.g. your Google account in Google’s Apps.

But I was thinking more about tracking within apps that isn’t concerned with tracking across apps or even tracking for advertising purposes, hence, “does not kill all forms of tracking”.

Facebook's announcement recommends Facebook social login or uploading hashes of user data: https://developers.facebook.com/docs/app-events/advanced-mat...

IP addr

While Apple are limiting access to IDFA for apps that don't ask for permission to track i.e. it will be all zeros they are also changing App Store policy. Specifically you are not allowed to track users using identifiers such as user ids, fingeprint ids etc if they have said that they don't want to be tracked. Sure Apple doens't have technical control over this but we know that they are willing to wield the ban hammer.

It'll be really interesting to see this play out. The experiment with the "Do Not Track"[0] header on the web failed becaused it was largely ignored by everyone. With Apple's tight control over the App Store you simply cannot ignore the rules because Apple can outright ban you for it.

0: https://en.wikipedia.org/wiki/Do_Not_Track

I doubt Apple would ban an app as valuable as Facebook.

That might be true, and may involve backchannel negotiations. But Apple didn't hesitate to revoke Facebook's developer certificate (for internal apps) and make Facebook employees scramble for a day or so because of the "VPN" app tracking fiasco early in 2019. [1]

[1]: https://www.theguardian.com/technology/2019/jan/30/facebook-...

They just banned Fortnite

Prob more a combination of IP address, user agent, iPhone model, plus prob some other device fingerprinting identifiers these ad trackers found