Author here: the title might seem like a clickbait, but we've seen it's accurate. Another option is "harmful". Correct answer is that it depends depending on how the testing tool is used:
1. If used correctly -> "harmful" (months of waiting without touching the site)
2. If not (like in most cases) -> "bullshit" (results are random)
The major difference between traditional A/B testing and Volument is that the comparisons are based on _cohort analysis_. It takes two groups of visitors and places them side-by-side starting from the very first visit: how they gradually build awareness and interest (metrics from the first visit) before taking action (on the first visit or on later visits). Then you take a cutoff day (say Day 7) and compare what has happened (how much retention, conversions, sales, virality) before that day. The whole "traction" so to speak.
That depends solely on what is an "analytics cookie". If it's a permanent identifier, then it's considered PII and requires a GDPR consent. Otherwise GDPR doesn't care. You can freely store foo=bar to a cookie.
Cookies are not an issue for GDPR, it's all about respecting users' privacy. In fact you can freely store anonymous data to cookies, localStorage, and sessionStorage without issues. The problem comes when you are dealing with personally identifiable information such as permanent identifiers.
You definitely need a "cookie banner" when using Simple Analytics, Fathom, or Plausible. Any service that accesses the device information such as the URL needs a permission from the user according the ePrivacy directive.
We have consulted EU law specialists when building our upcoming analytics service that is as privacy-friendly as Simple Analytics, while still measuring important things like retention and conversions. More information:
Volument - A new take on website analytics
volument.com