Holleyman also called for more congressional focus on cybersecurity research and development, for legislation to make cyberthreat information-sharing easier and for a national data breach notification law.
Representative John Conyers, a Michigan Democrat, introduced a national data breach notification law on Wednesday.
Lawmakers also debated whether there should be mandatory minimum sentences under the CFAA. President Barack Obama's administration is not calling for mandatory minimums as it has in the past. Jenny Durkan, U.S. attorney for the Western District of Washington, didn't explain the reasoning behind the change in policy, other than saying judges need to have sentencing discretion and the administration's priorities lie elsewhere.
Representative Bobby Scott, a Virginia Democrat, said mandatory minimum rules are unnecessary and sometimes "violative of common sense."
Sensenbrenner disagreed. "Does the administration oppose mandatory minimums as a matter of principle, or don't they think that the crimes that we're talking about here deserve a mandatory minimum?" he said.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is firstname.lastname@example.org.