The control-planes have to be completely independent for anything approaching real independence, not just some legal fiction that's lightly different[1] from the traditional big-tech practice of having an Irish subsidiary licensing the parent company's tech for tax optimization purposes.
1. No different at all, according to sibling comment.
It is completely separate. There isn't a shared control plane. You don't manage this in the GCP console, its a separate white-label product.
Any updates GCP wants to push are sent as update bundles that must be reviewed and approved by the operator (tsystems). During an outage, the GCP oncall or product team has no access and talks to operator who can run commands or queries on their behalf, or share screenshots of monitoring graphs etc.
(This information is ~3 years stale, but this was such fundamental design principle that I strongly doubt it has changed)