* Paper presented at the Design Research Society Conference 2014 at Umeå, Sweden. It proposes a framework for UX design regarding security and privacy of Information and Communication Systems (ICSs) ---- Abstract ----- Securing Information and Communication Systems (ICSs) is a highly complex process due in large part to the feedback relationship that holds between the users and the system and its 'ecosystem' of usage. Such a relationship is critical for experience designers. The design of secure systems can thereby be enhanced by using principles from disciplines where similar relations hold, such as security engineering and adaptive systems. In this work, we propose a user experience design framework based on six principles and use a social networking system as an example of its application. The proposed design principles are grounded in complex systems theory. We address several potential security and privacy challenges inherent in the design of a large-scale adaptive system. By means of this framework we reflect upon the participation of an experience designer regarding the conceptualization, selection, review, and update of security and privacy matters. In this sense, we observe the role of the designer as a translator across disciplines. By introducing our framework, we also attempt to start a conversation about the challenges a designer faces in the appropriation of this role, either for the case of securing large-scale systems or in those situations where the boundaries of design and knowledge from other disciplines already overlap.