Many committee members agreed. The committee will try to pass legislation this year, said Representative Joe Barton, a Texas Republican.
Other committee members questioned the need for data security regulations. It will be difficult for Congress to define data security standards when cyberattacks are changing so quickly, said Representative Marsha Blackburn, a Tennessee Republican.
Consumers should be responsible for protecting their personal information, not companies they do business with, suggested Representative Mike Pompeo, a Kansas Republican.
Ramirez disagreed. "I don't believe the burden should be placed on consumers," she said. "There are steps consumers can take to be vigilant in this area, but ... companies continue to make very fundamental mistakes when it comes to security."
Customers should be able to choose where to shop, based on security risks, without the government stepping in, Pompeo said. "If you think your material is going to be stolen from your home, you can buy a home security system," he said. "There are a lot of places where there are risks to private property, and we allow consumers to step in and decide if they want to pay ... for their own security."
Sign up for CIO Asia eNewsletters.